Setup of the Azure Active directory
...
Go to App registration and create a new registration. (note 29/11/21) An App may exist already please see note at bottom of page - David Bird.
Give it a fitting name and select the correct account types.
...
It needs to be the same URI as the redirect URI (This only works if the domain is trusted by Azure tenant) or the default App URI.
...
OR
...
Go to Token configuration and add the following tokens:
...
In the Entity ID you insert the same URL as you used for you redirect URI (https://DAMURL/DigizuiteCore/LoginService) OR api://{GUID]} - e.g. api://d530289c-c796-4521-b0e0-17c9ab986791
Signing behavior:
IfIdpWantAuthnRequestsSigned
...
Repeat this process for all the groups that should be synced.
29/11/21 - Note by David Bird (Unlicensed) When attempting to setup SSO on one of the Azure tenants digizuite (digizuitebasic5 in my screenshots) This tenant inherits its app/settings from the “root” tenant. The App propagates down. You don’t see this app under owner applications where you would normally see if you create one as per the instructions above.
...
So click on All Applications - Then you can see the AAD SAML as below.
...
Setup of connectors or media manager:
...