Shop

Your Notifications (0)

There are currently no notifications. You're all set!

Demos Trials
Knowledge Base
ChemDraw and ChemOffice+ Products Signals Notebook E-Notebook and ChemBioOffice Enterprise Spotfire and Signals Spotfire Products Columbus Signals Image Artist
Downloads
Downloads
Community
Support Forums Ideas Portal Product Basics
About Support
Legal Resources Support and Maintenance Plans Product Life Cycle Support News
Contact Support

Signals Notebook : SAML Authentication using Microsoft Azure / Entra ID

Murillo, Sergio
  • Updated

 

If you are configuring authentication for the new Revvity tenant URLs, we recommend creating a new application in Azure/Entra. Editing the existing Azure/Entra application will most likely lock you out of your tenant's existing authentication.

 

Information you will need from Signals Notebook

 

  • Log into Signals Notebook as an administrator
  • Navigate to Configuration > System Settings > Authentication
  • Select the URL to configure from the ‘Domain Name’ dropdown menu
  • From the ‘Mode of Authentication’ options select ‘External SAML’

If you have existing SAML configuration from a different domain, that configuration will be copied into the fields below, however it will need to be removed for your new configuration to be entered.

 

Below are the fields you need to copy from SNB to Azure.

 

SAML Config from SNB to Azure.png

 

You need to define an Application ID, this can be any value you want with no spaces. Try to avoid using URLs as they usually create confusion with the other URLs used in the configuration.

 

Creating An Application in Azure

 

  • Click on Enterprise Applications
  • Click New Application

Azure New Application.png

 

  • Click Create your Own Application
  • Enter a name to display to users on their Microsoft dashboard
  • Select Non-Gallery and click Create

 

Azure Create Application.png

 

Click Single Sign On or Setup Single Sign On:

 

Azure SSO.png

 

Select SAML:

 

Azure SAML.png

 

On Basic SAML Configuration click Edit:

 

Azure SAML Edit.png

 

Here you will enter the values you collected from the SNB configuration page:

 

Azure SAML Basic Config.png

 

  • Entity ID is your Application ID, this value needs to match exactly what you entered in SNB Application ID.
  • Sign On URL is just your tenant URL.
  • You do not need to enter a Logout URL, you can optionally enter it on SNB directly.

Click Save.

 

By default, Azure/Entra applications have  "Assignment Required = Yes" in the application properties, this means you need to explicitly add users or groups so they can authenticate with this application:

 

Azure Users groups.png

You authentication process will fail if no users have been assigned to the application.

Optionally you can disable the Assignment Required property.

 

Information you will need from Azure/Entra ID

 

  • Download the Base64 certificate OR the Federation Metadata XML (you can download either one, instructions for each follow below)
  • Copy the Login URL

 

Azure Certificate and login URL.png

 

Obtain the certificate string

 

If you downloaded the Federation Metadata XML:

 

Copy the certificate string from the X509Certificate tag (line 27 on the screenshot below):

 

FederationMetadataXML.png

 

If you downloaded the base64 certificate:

 

Using a text editor, remove the BEGIN and END lines on the certificate

 

Azure cert.png

 

Using any method you prefer, turn the certificate string into a single line:

 

Azure Cert one line.png

 

Enter Azure information into SNB

 

  • Enter the SAML Key (certificate string in a single line with no spaces)
  • Enter the login URL

 

SNB Azure final config.png

 

Optionally you can specify a logout URL to take your users to after they logout.

 

Entering an incomplete/invalid SAML key will result in the following error:

 

Exception SSO.png

You can now use the Test Configuration button to validate your settings.

Only save your settings if the test is successful or if you have a different domain to login and modify the settings.

 

Related articles