Security Assertion Markup Language (SAML) is an easy way for your users to authenticate and access Phishing Tackle. This knowledge base article will explain how to configure SAML 2.0 in Microsoft Azure.
If you have configured White Labelling, please ensure that you use your organisation's White Labelled login page to log in. The URL used to access the platform will be used to configure SAML.
In the search bar enter "Enterprise applications", then select the service "Enterprise applications".
On the Enterprise applications | All applications page click "New application".
On the Browse Azure AD Gallery page, click "Create your own application".
Enter a name for your application and click the setting "Integrate any other application you don't find in the gallery (Non-gallery)". Then click "Create".
You will be redirected to the overview page for your new application. On this page, click "Set up single sign on".
Click "SAML" for your single sign-on method.
How to Configure SAML in Azure
On the Set up Single Sign-On with SAML page click the "Edit" button for "Basic SAML Configuration".
To complete the "Basic SAML Configuration" section in Azure, please enter the following values.
Copy the "Reply URL (Assertion Consumer Service URL)" (In Phishing Tackle) to "
Service Provider Logout URL" (In Phishing Tackle) to "Logout URL" in Azure.
Click "Save", your settings should match the image below. Once the "Basic SAML Configuration" is completed, Azure will update your Attributes & Claims and SAML Signing Certificate.
How to Configure SAML in Phishing Tackle
In Phishing Tackle enter a description and click "Save".
Move to Step 4 "Set up Phishing Tackle SAML Sign On" in Azure. These values will need to be entered in Phishing Tackle.
To complete the "IDENTITY PROVIDER (IdP)" section in Phishing Tackle please enter the following values.
Set the Identifier (Entity ID) to "PhishingTackle".
Copy the "Azure AD Identifier" (In Azure) to "Identifier Provider Id" (In Phishing Tackle).
Copy the "Login URL (In Azure) to "Identity Provider Sign on URL" (In Phishing Tackle).
Copy the "Logout URL" (In Azure) to "Identity Provider Logout URL" Phishing Tackle).
Click the "Save" button in Phishing Tackle.
In Phishing tackle delete the text within "Identity Provider SAML Base64 Signing Certificate".
Then in Azure click the download button for "Certificate (Base64)". Open the certificate using a text editor and copy everything within the file to "Identity Provider SAML Base64 Signing Certificate" within Phishing Tackle.
Click the "Save" button in Phishing Tackle.
Assign users and groups
To assign permissions to users and groups allowing them to use the application in the left-hand column click "Users and groups".
Click the button "Add user/group".
Select the users or groups you would like to use SAML to login.
Once you are happy with the users and groups permitted to use the application, enable Single Sign-on (SAML2) in Phishing Tackle and click "Save".
With this setup and saved, please ensure to clear all cookies before logging back in. Your users can now access Phishing Tackle and use SAML to login.
If you need any assistance with configuring SAML 2.0 for Azure, please contact our support team by clicking here.