Skip to main content
Version: 15.0

How do I set up my Azure AD for a BOC product?

Important: This guide provides a possible approach to setting up Microsoft Azure AD, based on best practice. However, please note that we cannot take any legal responsibility for the implementation and the possible consequences resulting from it. It is recommended to involve an IT specialist on your side to verify and maintain the connection.

StepDescription
1.Use the search bar (1) of your Azure AD Portal to find "Enterprise applications" (2).Enter "Enterprise" in the search bar Click here to enlarge
2.Under All applications (1) select New application (2), then click on Create your own application (3).Select "All Applications" in the menu on the left, then "+ New application" on the right Click here to enlarge
Select "Create your own application" Click here to enlarge
3.Enter the name of your BOC application e.g. "ADONIS ", "ADOIT " or "ADOGRC ".Enter the name of your BOC product in the field Click here to enlarge
4.Open the Azure application you just created and select Single sign-on (1), then switch to SAML (2).Click on Single-Sign On on the left and then on SAML on the right Click here to enlarge
5.Under the item Basic SAML Configuration, select the Edit (1) function and enter the "Identifier (Entity ID)" and "Reply (Assertion Consumer Service URL) Attributes" which you have received from the BOC technical support.Click on the "Edit" button on the right, then enter the data which you have received from technical customer support Click here to enlarge
6.After entering, scroll down to Attributes & Claims and click on EditClick the "Edit" button on the right Click here to enlarge
7.Adjust the claims. Required are user.givenname, user.surname, user.mail, user.groups and user.userprincipalnameEnter *user.givenname, user.surname, user.mail, user.groups* and *user.userprincipalname* Click here to enlarge
8.Scroll down to Step 4 and copy the Login URL from the Set up ADONIS panel. Share the Login URL with your BOC technical support contact.The URL from the "Login URL" field must be copied and submitted to the BOC Click here to enlarge
9.Download the Federation Metadata XML and/or the Certificate (Base64) from the SAML Certificates panelClick on "Download" at Certificate (Base64) and Metadata XML Click here to enlarge
10.Upload those files to the fileshare link provided by your BOC technical support contact.
11.Now search for "Azure Active Directory " using the search bar (1) and click on the result (2).Use the search bar to search for "Azure Active Directory" Click here to enlarge
12.Select App registrations and find your newly created application on the right side. Open it.In the selection, search for the product you have set. In the example, "ADONIS" Click here to enlarge
13.Select Certificates & secrets on the left side.Click on "Certificates & secrets" in the left column Click here to enlarge
14.Switch to the Certificates tab (1) and upload the Service Provider Token Signing certificate you received from BOC via Upload certificates (2).First click on "Certificate" and then upload the certificates you have received from the technical customer support Click here to enlarge
15Go back to your AD application and click on Users and groups on the right, then on Add user/group (1). Add the users and/or groups that should be able to access your BOC product.Click on the Users and groups button on the right and then on the Add user/group button Click here to enlarge
16The BOC technical customer support will now guide you through the next steps of your SSO setup.