Configure Smart Completions using Azure Authentication - Intergraph Smart Completions - Intergraph Smart Completions Update 18 - Help - Hexagon

Intergraph Smart Completions Help (5.3.18)


Use the following information to configure Smart APIs to use OAuth 2.0 with Azure Active Directory (Azure AD):

Prerequisites

  • Register an application in Azure AD to represent the SaaS application.

Register Smart Completions for the SaaS application:

  1. Log on to the Azure portal with your Microsoft Azure account.

  2. Select the relevant Azure Active Directory.

  3. Select App Registrations > New Registration.

  4. In the Register an application page, enter all the required information.

    1. Add these URLs as Redirect URIs: https://<siteURL>/SAML/SAMLService.aspx and https://<siteURL>/login.aspx

After you register the Smart API application:

  1. Open Expose an API > Application ID URI and then click Set.

  2. Click the + icon to add a scope, and enter the required information.

  3. Click Add Scope.

  4. Obtain the Application ID, Audience API, and Scope API values.

  5. Update the delivered config file in the SaaS application:

    <add key="okta:UserNameClaim" value="preferred_username" />

    <add key="okta:Issuer" value="{IssuerURL}" />

    <add key="okta:WellKnown" value=".well-known/openid-configuration" />

    <add key="okta:Audience" value="{ApplicationID}" />

  6. Identify the issuer URL using the metadata document. Copy the metadata document URL and paste it into the browser.

  7. Update the delivered saml.config file:

    Service Provider

      • Name: Audience Restriction from Azure AD
      • Description: Describe the service provider
      • AssertionConsumerServiceUrl: Path to SAMLService (do not modify)
      • LocalCertificatePassword: Password to above cert

    PartnerIdentityProvider (values from IDP metadata)

      • Name: Azure AD Entity ID
      • Description: Describe the partner identity provider
      • SignAuthnRequest: true
      • SingleSignOnServiceUrl: AzureAD Saml SingleSignOnService
      • SingleLogoutServiceUrl: AzureAD Saml SingleSignOnService
      • PartnerCertificateFile: Path to the IDP cert; download it from Azure AD and move it to the SP server

  8. Change the IDP value in the database to the Azure EntityID value.
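
A consistency check for the values set in steps 5 and 6, as an added example that is not part of the Hexagon documentation: it parses the four okta:* keys, flags unfilled placeholders, and compares okta:Issuer with the issuer field of the metadata document. The tenant ID, application ID, function names and sample claims are constructed for illustration; the claims are assumed to come from a token whose signature was already verified.

```python
import json
import xml.etree.ElementTree as ET

# Constructed sample values; the tenant and application IDs are placeholders.
TENANT = "00000000-0000-0000-0000-000000000000"
APP_SETTINGS = f"""<appSettings>
  <add key="okta:UserNameClaim" value="preferred_username" />
  <add key="okta:Issuer" value="https://login.microsoftonline.com/{TENANT}/v2.0" />
  <add key="okta:WellKnown" value=".well-known/openid-configuration" />
  <add key="okta:Audience" value="11111111-1111-1111-1111-111111111111" />
</appSettings>"""
# Constructed excerpt of the metadata document opened in the browser in step 6.
METADATA = json.dumps({"issuer": f"https://login.microsoftonline.com/{TENANT}/v2.0"})

REQUIRED = ("okta:UserNameClaim", "okta:Issuer", "okta:WellKnown", "okta:Audience")

def load_settings(xml_text):
    """Return the okta:* appSettings keys as a dict."""
    root = ET.fromstring(xml_text)
    return {a.get("key"): a.get("value", "") for a in root.iter("add")
            if a.get("key", "").startswith("okta:")}

def check_config(settings, metadata_json, claims=None):
    """Return a list of problems; an empty list means the values are consistent.
    claims, if given, is the payload of an already signature-verified token."""
    problems = []
    for key in REQUIRED:
        value = settings.get(key, "")
        if not value:
            problems.append(f"{key} is missing or empty")
        elif "{" in value or "}" in value:
            problems.append(f"{key} still contains a template placeholder")
    issuer = json.loads(metadata_json).get("issuer")
    if settings.get("okta:Issuer") != issuer:  # exact match, no normalization
        problems.append("okta:Issuer differs from the metadata document issuer")
    if claims is not None:
        aud = claims.get("aud")
        if settings.get("okta:Audience") not in (aud if isinstance(aud, list) else [aud]):
            problems.append("token aud does not match okta:Audience")
        if claims.get("iss") != settings.get("okta:Issuer"):
            problems.append("token iss does not match okta:Issuer")
        if not claims.get(settings.get("okta:UserNameClaim", "")):
            problems.append("token lacks the configured user name claim")
    return problems

if __name__ == "__main__":
    print(check_config(load_settings(APP_SETTINGS), METADATA) or "config is consistent")
```

The issuer comparison is deliberately an exact string match, so a trailing slash or a different tenant in okta:Issuer is reported rather than silently accepted.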