Our Products:   CompleteFTP  edtFTPnet/Free  edtFTPnet/PRO  edtFTPj/Free  edtFTPj/PRO
0 votes
in CompleteFTP by (51.5k points)

Users often ask:

I have CompleteFTP Enterprise MFT, which supports single sign-on via SAML. I'd like to use Azure as the authentication server (a.k.a. SAML IDP). How do I do this?

1 Answer

0 votes
by (51.5k points)
Best answer
  1. Azure AD Configuration:

    • Go to the Azure portal and find the Azure Active Directory service.
    • Navigate to "Enterprise applications" and then select "New application."
    • Click "Create your own application"
    • Enter a name, e.g. "CompleteFTP", select "Integrate any other application you don't find in the gallery (Non-gallery)" and click "Create"
    • Click "Single sign-on" and then "SAML"
    • Click "Edit" in the "Basic SAML Configuration" section.
    • For the "Entity ID", enter the URL of your CompleteFTP website, e.g. https://mycompany.com
    • For the "Reply URL", enter the same URL followed by /Saml/Login, e.g. https://mycompany.com/Saml/Login
    • Save those changes.
    • Click "Download" next to "Federation Metadata XML"
    • Go to "Users and groups" and add some users.
  2. CompleteFTP SAML Configuration:
    • In the Users panel of CompleteFTP Manager, click Configure next to "Single sign-on/SAML".
    • Click "Add IDP" and select the XML file you just downloaded from Azure. This will add a new row in the IDP listbox.
    • Click "Name" in that row and enter a name, e.g. "Azure".
    • Enter the same URL as the Entity ID in the "This site's URL" textbox.
    • Fill each of the fields in the "Administrative contact" panel.
    • Click OK and then Apply changes.
  3. Test it

    • Open your browser
    • Navigate to the login page of your CompleteFTP website. You should now see a button labelled "Azure" or whatever name you gave it.
    • Click that button. This will take you to an Azure login page, though if you're already logged into the Azure console then it'll assume that you want to log in using that account. If you haven't added that account to the Azure 'Enterprise application' that you set up above, then you'll get an error.