Articles in this section

Configuring SSO with Azure AD (SAML 2.0)

Availability Pro Premium

Connect Meisterplan with Azure Active Directory (AD) to use Single Sign-On (SSO) via SAML 2.0.

Adding Meisterplan as an App in Azure AD

Add Meisterplan as a new SAML app in Azure AD and enter the service provider data provided by Meisterplan into Azure AD. Then enter the identity provider data provided by Azure AD into Meisterplan.

Follow these steps:

  1. Add a new app in Azure AD by selecting Enterprise Application and then clicking Create your own application. In the top right, select Integrate any other application you don't find in the gallery:
    MS-AzureAD_Enterprise-application.png
    Find more information on this in the Azure AD help.
  2. In the left sidebar in Azure AD, click Single Sign-On and then select the SAML option:
    MS-AzureAD_SSO-SAML.png
    Find more information on this in the Azure AD help.
  3. Set up SAML by filling in these two sections:
    MS-AzureAD_SSO-SAML_setup.png
    Find more information on this in the Azure AD help.
  4. Now open Meisterplan and under Manage > Users > Configure click Configure SAML. If you don't see the service provider data on this page, click SAML enabled. Either download the XML file from Meisterplan and import by clicking Upload metadata file in Azure AD, or copy the field values highlighted in red:
    Meisterplan_SAML-Settings.png
  5. Return to Azure AD. In step 1 Basic SAML Configuration, enter the service provider data provided by Meisterplan:
    MS-AzureAD_Basic-SAML-configuration.png
  6. In step 2 User Attributes & Claims, match the SAML nameID field with the Azure email field:
    Map-SAML-Azure.png
  7. In step 3 SAML Signing Certificate and Set Up [application name], you will find the identity provider data provided by Azure AD for Meisterplan:
    Meisterplan-Azure_AD-Identity_Provider_Data_in_Azure_AD.png
  8. Download Certificate (Base64) and copy the values for Login URL, Azure AD Identifier and Logout URL.
  9. Paste the values as well as the downloaded certificate in the appropriate fields in Meisterplan:
    Meisterplan-Azure_AD-Identity_Provider_Data_in_MP.png
    If your certificate file contains more than one X.509 certificate, use the one labeled <KeyDescriptor use="signing">.
  10. In Meisterplan, click Save Configuration.
  11. Complete the remaining steps to add an app as described in the Azure AD documentation.

Assign Users in Azure AD

In Azure AD, assign the desired users to the Meisterplan app.

Adding Users in Meisterplan

All users logging in to Meisterplan via Azure AD will need to create corresponding user accounts in Meisterplan. You can add them automatically with auto-provisioning, or you can add them manually as follows.

Users are added in Meisterplan under Manage > Users, and user rights are configured under Manage > User Groups. For more details on user management in Meisterplan, see the articles Manage Users and Manage User Groups.

Logging in to Meisterplan via Azure AD

To log in to Meisterplan as a user via Azure AD, enter a URL according to the scheme https://us.meisterplan.com/<yoursystem>. This will redirect you to the registration page of Azure AD.

Administrators can still log in to Meisterplan via a URL according to the scheme https://us.meisterplan.com even without Single Sign-On. 

For additional details on logging in via SSO, see the article Login.

 

Share this article:

Was this article helpful?
5 out of 8 found this helpful
Need more help? Contact our support.
Return to top

Related articles