Connect Meisterplan with Azure Active Directory (AD) to use Single Sign-On (SSO) via SAML 2.0.
- Adding Meisterplan as an App in Azure AD
- Assign Users in Azure AD
- Adding Users in Meisterplan
- Logging in to Meisterplan via Azure AD
Adding Meisterplan as an App in Azure AD
Add Meisterplan as a new SAML app in Azure AD and enter the service provider data provided by Meisterplan into Azure AD. Then enter the identity provider data provided by Azure AD into Meisterplan.
Follow these steps:
- Add a new app in Azure AD by selecting Enterprise Application and then clicking Create your own application. In the top right, select Integrate any other application you don't find in the gallery:
Find more information on this in the Azure AD help. - In the left sidebar in Azure AD, click Single Sign-On and then select the SAML option:
Find more information on this in the Azure AD help. - Set up SAML by filling in these two sections:
Find more information on this in the Azure AD help. - Now open Meisterplan and under Manage > Users > Configure click Configure SAML. If you don't see the service provider data on this page, click SAML enabled. Either download the XML file from Meisterplan and import by clicking Upload metadata file in Azure AD, or copy the field values highlighted in red:
- Return to Azure AD. In step 1 Basic SAML Configuration, enter the service provider data provided by Meisterplan:
- In step 2 User Attributes & Claims, match the SAML nameID field with the Azure email field:
- In step 3 SAML Signing Certificate and Set Up [application name], you will find the identity provider data provided by Azure AD for Meisterplan:
- Download Certificate (Base64) and copy the values for Login URL, Azure AD Identifier and Logout URL.
- Paste the values as well as the downloaded certificate in the appropriate fields in Meisterplan:
If your certificate file contains more than one X.509 certificate, use the one labeled <KeyDescriptor use="signing">. - In Meisterplan, click Save Configuration.
- Complete the remaining steps to add an app as described in the Azure AD documentation.
Assign Users in Azure AD
In Azure AD, assign the desired users to the Meisterplan app.
Adding Users in Meisterplan
All users logging in to Meisterplan via Azure AD will need to create corresponding user accounts in Meisterplan. You can add them automatically with auto-provisioning, or you can add them manually as follows.
Users are added in Meisterplan under Manage > Users, and user rights are configured under Manage > User Groups. For more details on user management in Meisterplan, see the articles Manage Users and Manage User Groups.
Logging in to Meisterplan via Azure AD
To log in to Meisterplan as a user via Azure AD, enter a URL according to the scheme https://us.meisterplan.com/<yoursystem>. This will redirect you to the registration page of Azure AD.
Administrators can still log in to Meisterplan via a URL according to the scheme https://us.meisterplan.com even without Single Sign-On.
For additional details on logging in via SSO, see the article Login.