How to Setup SAML

Updated by Yasuhiro Miyoshi

Translation Disclaimer: The documents herein have been machine translated for your convenience by translation software. While reasonable efforts are made to provide accurate translations, portions may be incorrect. If you would like to report a translation error or inaccuracy, we encourage you to please contact us.

Get SAML settings information for organization

First, open the organization's settings screen at Settings > SAML/SCIM. The SAML entity ID and SAML reply URL shown there are entered on the IdP's SSO configuration screen.

Obtain SAML metadata from the Identity Provider

Azure AD

First, you need to create an SSO application, which is done differently depending on the Identity Provider (IdP).

Give it a name that is easy to remember (e.g. Money Forward IT Management Cloud).

Press the Create button and wait a moment.

When the application screen appears, select Single sign-on > SAML.

Please enter the following information:

  • Identifier (Entity ID): the value shown on the SSO configuration screen of the IT Management Cloud (please delete the default)
  • Reply URL: the value shown on the SSO configuration screen of the IT Management Cloud

Once completed, copy the App Federation Metadata Url.

Enter the copied URL into the SAML metadata URL field in the IT Management Cloud and save it.

This completes the SAML settings.

Okta
  • Okta's Guide

Go to the Okta management console and press the Add Application button.

Press the Create New Application button.

For Platform, select Web; for Sign on method, select SAML 2.0; then press the Create button.

On the next screen, enter the name of the application (e.g. MoneyForward IT Management Cloud).

Proceed to the next screen.

Enter SAML settings.

  • For Single sign on URL, enter the SAML reply URL that was displayed in the IT Management Cloud.
  • For Audience URI, enter the SAML entity ID that was displayed in the IT Management Cloud.
  • For Name ID format, select EmailAddress.

Continue to the next screen.

Click on the Identity Provider metadata link on the next screen.

A new tab displays the linked XML file.

Enter the displayed URL into the SAML metadata URL in the IT Management Cloud.

This completes the SAML settings.

OneLogin
  • OneLogin Guide

From the OneLogin Admin console, press the Add App button.

Search with the keyword SCIM and select SCIM Provisioner with SAML (SCIM v2 Core) from the results.

Enter the name of the application (e.g. MoneyForward IT Management Cloud).

Then save it.

Open the Configuration tab, enter the following information, and save it.

  • SAML Audience URL: Enter the value of the SAML entity ID of the IT Management Cloud.
  • SAML Consumer URL: Enter the value of the SAML reply URL of the IT Management Cloud.
  • SCIM Base URL: Enter a dummy URL for later configuration on the SCIM Settings page.

Select the SSO tab and copy the Issuer URL.

Enter the copied URL as the SAML metadata URL in the IT Management Cloud and save it.

This completes the SAML settings.

Activate SAML

The SAML metadata URL obtained in the previous step is set here.

Finally, turn on the switch to enable SAML.

You are now set up for SAML-based SSO 🎉 Good job!

Next, let's configure SCIM for user provisioning.

How to set SCIM

Supplementary information

Once SAML is set up, the login flow varies depending on where the login starts.

1. When logging in from the IT Management Cloud login screen, the login uses MoneyForwardID directly, without going through SSO (no redirect to the IdP).

2. When logging in from the login UI on the IdP side, the login uses the IdP-Initiated flow (login using SSO).
