This document should help you get SAML integration setup within your Azure Active Directory setup.

Go to the Azure Portal (https://portal.azure.com)

Click on "Azure Active Directory"

Click on "Enterprise Application"

Click on "New application"

Select "Non-gallery application" and enter a name like "DIGIDECK"

Click "Add"

Once the app is created, then click on the "Single sign-on" tab on the left

Click the "SAML" option

You will see a step-by-step screen as shown below:

Click the edit pencil for the User Attributes & Claims.

Add these claims:

Once in the Set up Single Sign-On with SAML view, you will need to provide the metadata XML URL to Sportsdigita.

Click on the Copy to Clipboard icon next to the App Federation Metadata Url value:

Once they have it, they will be able to give you the metadata XML for the DIGIDECK servers.

Here is an example:

https://webapi.platform.sportsdigita.com/api/v1/authentication/saml/{subdomain}/metadata

This URL is provided in your Organization Integration tab:

Save the DIGIDECK XML to disk.

Click the Upload metadata file and select your XML that was saved to disk.

This should auto-populate all your entries for the basic SAML Configuration:

Click "Save"

DIGIDECK SAML integration requires encryption. Azure AD has a new feature to do this called Token encryption.

Select the Token Encryption tab on the left.

Download this file to disk:

https://cdn.platform.sportsdigita.com/SAMLPublicEncryption-prod.cer

Click the Import Certificate and browse for the downloaded certificate:

Click "Add"

Once uploaded, click the three dots next to the cert in the certificate listing and select "Activate token encryption"

When you have the certificate activated, then you can go back to the Single sign-on view and test your integration.

Click the "Test this application"

Then click on "Sign in as Current User"

Make sure that your account has been added to the application by going to Users and Groups.