Entra ID (Azure AD) using SAML2
Last Updated 28 days ago
With the native Entra ID integration, a user gets the same Quickchannel User Role on all connected Quickchannel accounts. To work around this limitation, you can instead use SAML2 to connect to Entra ID.
This is only relevant for customers who have, or plan to have, multiple Quickchannel accounts. Configuring the SAML2 integration is more involved.
- In your Microsoft Entra admin center navigate to Identity -> Applications -> Enterprise Applications and click New Application.
- Choose a name, for example Quickchannel SAML2, and Non-gallery application. Click Create.
- Navigate to Manage -> Single sign-on and choose SAML.
- Under SAML Certificates copy the value for App Federation Metadata Url.
- Log in to Quickchannel Account Console and navigate to Settings -> Integrations -> Single Sign-on and click Connect SAML2 IdP.
- Fill in a name, the metadata URL from step 4, the email domain used by you and your users (for example quickchannel.com) and the following attribute mapping:
  - Email: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
  - UUID: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/objectidentifier
  - Name: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/displayname
  - Role: http://schemas.microsoft.com/ws/2008/06/identity/claims/role

  Click Save.
  Note that there is a security restriction requiring you to have logged in using this email domain.
- Download the linked SP Metadata file.
- In the Entra admin center, on the Single sign-on page from step 4, click Upload metadata file and select the file from step 7.
- Click Users and groups under Manage and click the link application registration to navigate to App roles configuration. Add app roles with values of the form accountid:role.
The account id can be found in Quickchannel Account Console under Settings -> API.
The following role values can be used: administrator, publisher, user, producer, readonly.
- Navigate back to your Enterprise Application and under Manage -> Users and groups you can assign the app roles as appropriate.
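
To confirm what Entra ID sends for a test user, the role claim in a captured assertion can be checked against the accountid:role format and the role list above. The Python script below is an added example, not Quickchannel's or Microsoft's code; the sample fragment, the account ids and the decision to flag several roles on one account are assumptions made here, and it inspects attributes only (no signature validation).

```python
import xml.etree.ElementTree as ET

SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"
EMAIL = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
ROLE = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"
ALLOWED = {"administrator", "publisher", "user", "producer", "readonly"}

# Constructed sample: AttributeStatement from a test login (account ids are made up).
SAMPLE = """<saml:AttributeStatement xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
    <saml:AttributeValue>alice@example.com</saml:AttributeValue>
  </saml:Attribute>
  <saml:Attribute Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role">
    <saml:AttributeValue>1001:administrator</saml:AttributeValue>
    <saml:AttributeValue>1002:readonly</saml:AttributeValue>
    <saml:AttributeValue>1002:publisher</saml:AttributeValue>
    <saml:AttributeValue>1003:owner</saml:AttributeValue>
    <saml:AttributeValue>administrator</saml:AttributeValue>
  </saml:Attribute>
</saml:AttributeStatement>"""

def values(root, name):
    """All AttributeValue texts of the attribute with the given claim URI."""
    return [(v.text or "").strip()
            for a in root.iter(SAML + "Attribute") if a.get("Name") == name
            for v in a.findall(SAML + "AttributeValue")]

def audit_roles(xml_text, expected_domain):
    """Return (email, {account_id: [roles]}, [problems]) for one AttributeStatement."""
    root = ET.fromstring(xml_text)
    email = next(iter(values(root, EMAIL)), "")
    roles, problems = {}, []
    if not email.lower().endswith("@" + expected_domain.lower()):
        problems.append(f"email {email!r} is outside domain {expected_domain}")
    for raw in values(root, ROLE):
        account, sep, role = raw.partition(":")
        if not sep or not account or role not in ALLOWED:
            problems.append(f"{raw!r} is not accountid:role with a listed role")
            continue
        roles.setdefault(account, []).append(role)
    # Assumption: the page does not say how several roles on one account
    # are resolved, so they are flagged for manual review.
    problems += [f"account {a} has several roles: {r}"
                 for a, r in roles.items() if len(r) > 1]
    return email, roles, problems

if __name__ == "__main__":
    print(audit_roles(SAMPLE, "example.com"))
```
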