Azure IdP Integration

Azure Active Directory (Azure AD) is an identity provider (IdP) that maintains and manages identity information while providing authentication services to applications. This article describes how to integrate Azure AD as an IdP in Axis Security.

Connecting Azure as an IdP in Axis Security consists of several steps:

  • Begin creating an IdP in Axis Security
  • Create an Axis Security application in Azure
  • Complete the IdP creation in Axis

Begin Creating an IdP in Axis Security

  1. In the Management Console, go to Settings -> Identity Providers -> Add Identity Provider.
  2. Select Azure AD.
  3. Enter a Name for the IdP.

Creating an Axis Security Application in Azure

Step 1: Obtaining the Primary Domain Address

  1. Go to Azure Active Directory -> Overview -> Basic information.
  2. Copy the Primary domain and paste it in the corresponding field in the Azure IdP form in Axis.

Step 2: Creating an Axis Application in Azure

  1. Log in to Azure Active Directory.
  2. Select Enterprise Applications.
  3. Click Create your own application.
  4. Enter a name for the application.
  5. Select Integrate any other application you don't find in the gallery (Non-gallery).
  6. Click Create.

Step 3: Setting Up the Application

  1. Go to the Axis Security App registrations page.
  2. In the menu on the left, select App registrations.
  3. Enter the application's name in the search field. Remove any filters.
  4. Select the relevant application.
  5. Select Overview from the menu on the left.
  6. Copy the Primary Domain and paste it into the IdP Metadata section in the Azure IdP form in Axis.
  7. Copy the Application (client) ID and paste it into the IdP Metadata section in the Azure IdP form in Axis.

Step 4: Setting Up Authentication

  1. Select Authentication from the menu on the left.
  2. Click Add a platform.
  3. Paste the Redirect URI obtained from the Axis Azure IdP form.
  4. Click Configure.

Step 5: Certificates and Secrets

  1. In the main menu, navigate to Certificates & secrets.
  2. Select New Client Secret.
  3. Add a description, select expiration, and click Add.
  4. Copy the generated Value and paste it into the IdP Metadata section in the Azure IdP Integration form in Axis Security.

Step 6: API Permissions

  1. In the main menu, go to API Permissions.
  2. Click Add Permission.
  3. Configure Microsoft Graph API permissions:
     • Click Delegated Permissions.
     • Under Select Permissions, enter the following text in the search bar: Directory.Read.All
     • Click the drop-down menu under Directory and select Directory.Read.All.
     • Click Add Permissions.
  4. Repeat step 3, enter Directory.AccessAsUser.All
  5. Repeat step 3, enter User.Read
  6. Repeat step 3, this time click Application Permissions. Enter Directory.Read.All
  7. Click Grant admin consent for Axis Security.

Step 7: Assigning Users and Groups to the Axis Application

To sync users and groups, you must assign them to the AAD SCIM application. 
To assign users and groups to the application:

  1. Go to Manage -> Users and groups.
  2. Select Add user/group.
  3. Select None selected.
  4. In the Users and Groups window, select the users and groups you want to add to the application.
  5. Click Select.
  6. Click Assign at the bottom of the screen.
  7. In the Users and groups area, add the users and groups to the application.
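
Once Steps 4 to 6 are done, the result can be checked from an export of the app registration. The script below is an added example, not Axis Security or Microsoft code: it assumes JSON shaped like the Microsoft Graph application and oauth2PermissionGrant resources, assumes the Web platform was chosen in Step 4, and covers delegated scopes only. The audit function name, the 30-day warning threshold and all sample values are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Delegated Microsoft Graph scopes granted in Step 6 of this page.
EXPECTED_DELEGATED = {"Directory.Read.All", "Directory.AccessAsUser.All", "User.Read"}

def _parse(ts):
    # Graph timestamps are UTC ("...Z"); drop any fractional seconds.
    return datetime.fromisoformat(ts.rstrip("Z").split(".")[0]).replace(tzinfo=timezone.utc)

def audit(app, grants, now, warn_days=30):
    """Return findings for an app registration; warn_days is an assumed threshold."""
    findings = []
    # Step 4: Azure AD web redirect URIs should be HTTPS.
    for uri in app.get("web", {}).get("redirectUris", []):
        if not uri.lower().startswith("https://"):
            findings.append(f"redirect URI is not HTTPS: {uri}")
    # Step 5: an expired client secret stops the integration from authenticating.
    secrets = app.get("passwordCredentials", [])
    if not secrets:
        findings.append("no client secret configured")
    for s in secrets:
        name = s.get("displayName") or s.get("keyId")
        left = _parse(s["endDateTime"]) - now
        if left <= timedelta(0):
            findings.append(f"client secret {name!r} has expired")
        elif left <= timedelta(days=warn_days):
            findings.append(f"client secret {name!r} expires in {left.days} days")
    # Step 6: compare admin-consented delegated scopes with the page's list.
    granted = set()
    for g in grants:
        if g.get("consentType") == "AllPrincipals":
            granted.update(g.get("scope", "").split())
    findings += [f"missing delegated scope: {s}" for s in sorted(EXPECTED_DELEGATED - granted)]
    findings += [f"unexpected delegated scope: {s}" for s in sorted(granted - EXPECTED_DELEGATED)]
    return findings

# Constructed sample data (not taken from a real tenant).
SAMPLE_APP = {
    "displayName": "Axis Security",
    "web": {"redirectUris": ["https://idp.example.invalid/callback"]},
    "passwordCredentials": [{"displayName": "axis-idp",
                             "endDateTime": "2024-07-01T00:00:00Z"}],
}
SAMPLE_GRANTS = [{"consentType": "AllPrincipals",
                  "scope": "Directory.Read.All User.Read Mail.Read"}]

if __name__ == "__main__":
    for finding in audit(SAMPLE_APP, SAMPLE_GRANTS, datetime(2024, 6, 15, tzinfo=timezone.utc)):
        print(finding)
```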

Completing the Azure IdP integration form in Axis Security

  • Paste the SAML-P Sign-on endpoint you copied into Single sign-on URL.
  • Upload the certificate you downloaded to IdP Signing Certificate.
  • Click Submit.

Configuring Metadata and Advanced Settings in the Axis Security IdP Form (Optional)

IdP Metadata

Copy the following information from the Axis application in Azure: 

  • Primary Domain: Enter the Primary Domain obtained from Azure in Step 1: Obtaining the Primary Domain Address.
  • Application (client) ID: Enter the Application (client) ID obtained from Azure in Step 3: Setting Up the Application.
  • Client Secret: Enter the Client Secret obtained from Azure in Step 5: Certificates and Secrets.

Click Submit.

Advanced Settings
Click here to learn more about configuring advanced settings.

Note: To commit your changes, navigate to the top-right menu, click Apply Changes, then select Commit Changes.