Configure Single Sign-On for Azure Active Directory in CloudCheckr
In this topic, you will learn how to set up SSO with your PingOne account by configuring:
- PingOne (the Identity Provider or IdP)
- CloudCheckr (the Service Provider or SP)
- Log in to the Azure portal.
- From the left navbar, click Azure Active Directory.
- In the Manage section of the Azure Active Directory blade, click Enterprise applications.
- Click New application.
- Select Non-gallery application.
- In the Name text field, type CloudCheckr
- From the bottom of the page, click Add.
- From the CloudCheckr - Quick start screen, select Assign a user for testing (required).
The Users and Groups blade opens.
- Click Add user.
The Add Assignment blade opens.
- Select Users.
A list of users displays.
- Select a user from the list and click Select.
- In the Add Assignment blade, click Assign.
- Close any open blades and return to the CloudCheckr - Quick start screen.
- Select Create your test user in CloudCheckr (required).
The Provisioning blade opens.
- Verify that the provisioning mode is set to Manual.
- Click Save and close the blade.
- From the CloudCheckr - Quick start screen, click Configure single sign-on (required).
If you log in to CloudCheckr at https://app-eu.cloudcheckr.com, https://app-au.cloudcheckr.com, https://app-gov.cloudcheckr.com, or https://app-fed.cloudcheckr.com, update the URLs accordingly in the following steps.
- From the Single Sign-on Mode drop-down menu, select SAML-based Sign-on.
- In the Identifier text field:
- For iDP-initiated SSO, type https://app.cloudcheckr.com/auth
- For SP-initiated SSO, type https://mycompanyscloud.com/auth
- In the Reply URL text field:
- For iDP-initiated SSO, type https://app.cloudcheckr.com/auth/sso/saml2/Acs
- For SP-initiated SSO, type https://mycompanyscloud.com/auth/sso/saml2/Acs
- Select the Show advanced URL settings check box.
- SP-initiated SSO ONLY - In the Sign-on URL text field, type https://mycompanyscloud.com/auth
- Click Save.
Here is an example of what a completed SSO configuration would look like:
- Once the Enterprise application setup is complete, you can log in to https://myapps.microsoft.com and select CloudCheckr CMx from the list of applications.
- Please contact Support directly to ensure your CloudCheckr CMx account is properly configured to allow access to Azure Active Directory.