Joget SSO with Azure Active Directory

Integrating Joget with Azure Active Directory for Single Sign-On (SSO) is important in environments where security and efficiency are prioritized. By linking Joget with Azure AD, the login process for your users is simplified, improving their experience and reducing administrative burden. Additionally, you'll have secure and centralized access to Joget applications, strengthening system security and complying with security standards.

To configure Joget integration with Azure Active Directory, follow these steps:

Install the Joget SAML plugin

To install the SAML plugin on Joget, follow the steps below:

1. Install the Joget SAML Plugin from the Joget Marketplace.
2. Open Joget.
3. Go to System Settings > General Settings.
4. Set API Domain Whitelist   to *
   
   You will get a 400 Forbidden error when performing the SSO if this is not set.
5. Go to System Settings > Directory Manager.
6. Select the Joget SAML Plugin.
7. In the Plugin configuration, copy the Entity ID and ACS URL.
   Azure AD requires the ACS URL to be HTTPS, so your Joget installation must run under HTTPS. 
   

Configure Azure active directory

Follow the steps below to configure Azure active directory:

1. Sign in to the Azure portal.
2. Go to Azure Active Directory > Enterprise applications.
   
   
3. Select New application > Non-gallery application, and add an application. 
   
4. Click Set up single sign-on.
5. Select SAML. 
   
6. Under Basic SAML Configuration, click the Edit pencil icon.
7. Input the Joget SAML Entity ID and ACS URL copied earlier.
8. Click Save.
   
   
   
9. Under User Attributes & Claims, click the Edit pencil icon.
10. Configure the claims in the following way:
    
    • Unique User Identifier (Name ID): user.userprincipalname
    • Email: user.mail
    • User.FirstName: user.givenname
    • User.LastName: user.surname
      
11. Under SAML Signing Certificate, download the Certificate (Base64). It will later be used to configure the Joget SAML Plugin.
    
12. Access Users and Groups on the sidebar menu.
13. Add the users allowed to access Joget (you may add yourself to the listing to test the login later).
    

Set up the Joget SAML plugin

Follow the steps below to set up your SAML Plugin.

1. Open the certificate file downloaded in the previous section.
2. Copy its contents (without the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines).
3. Open Joget.
4. Go to System Settings > Directory Manager.
5. Select the Joget SAML Plugin.
6. Paste the contents in the IDP Certificate field.
   
   
7. Click Submit.

Test the SAML SSO

To test the SAML SSO, go to the Azure My Apps Portal, click on the application, and select the user to perform the SSO. The current user will be logged into Joget if the SSO configuration is correct.

Additional resources

For further information and detailed documentation, you can refer to the following resources:

• The source code for this plugin is available in the open-source repository. JogetOSS, a community-led initiative for open-source software related to the Joget no-code/low-code application platform, manages this repository. Projects under JogetOSS are community-driven and community-supported, and contributions are welcome.
• Azure Active Directory Documentation
• Joget SharePoint SSO Integration