Configure Single Sign-On for Azure Active Directory in CloudCheckr CMx

Follow this procedure to configure the Azure portion of the Active Directory Single Sign-On (SSO) for CloudCheckr CMx.

If you are a white label customer, we encourage you to contact your Customer Success Manager or our Support team to confirm you're properly set up before you configure Azure Active Directory SSO.

Procedure

  1. Log in to the Azure portal.
  2. From the left navbar, click Azure Active Directory.
  3. In the Manage section of the Azure Active Directory blade, click Enterprise applications.
  4. Click New application.
  5. Select Non-gallery application.
  6. In the Name text field, type CloudCheckr CMx
  7. From the bottom of the page, click Add.
  1. From the CloudCheckr CMx - Quick start screen, select Assign a user for testing (required).
    The Users and Groups blade opens.
  2. Click Add user.

    The Add Assignment blade opens.

  3. Select Users.

    A list of users displays.

  4. Select a user from the list and click Select.
  5. In the Add Assignment blade, click Assign.
  6. Close any open blades and return to the CloudCheckr CMx - Quick start screen.
  7. Select Create your test user in CloudCheckr (required).

    The Provisioning blade opens.

  8. Verify that the provisioning mode is set to Manual.
  9. Click Save and close the blade.
  1. From the CloudCheckr CMx - Quick start screen, click Configure single sign-on (required).
    If you log in to CloudCheckr CMx at https://app-eu.cloudcheckr.com, https://app-au.cloudcheckr.com, https://app-gov.cloudcheckr.com, or https://app-fed.cloudcheckr.com, update the URLs accordingly in the following steps.
  2. From the Single Sign-on Mode drop-down menu, select SAML-based Sign-on.
  3. In the Identifier text field:
    • For iDP-initiated SSO, type https://auth-us.cloudcheckr.com/auth
    • For SP-initiated SSO, type https://auth.mycompanycloud.com/auth
  4. In the Reply URL text field:
    • For iDP-initiated SSO, type https://auth-us.cloudcheckr.com/auth/sso/saml2/Acs
    • For SP-initiated SSO, type https://auth.mycompanycloud.com/auth/sso/saml2/Acs
  5. Select the Show advanced URL settings check box.
  6. SP-initiated SSO ONLY - In the Sign-on URL text field, type https://auth.mycompanycloud.com/auth
  7. Click Save.

    Here is an example of what a completed SSO configuration would look like:

  8. Once the Enterprise application setup is complete, you can log in to  https://myapps.microsoft.com and select CloudCheckr CMx from the list of applications.
  9. Please contact Support directly to ensure your CloudCheckr CMx account is properly configured to allow access to Azure Active Directory.

How did we do?