Finding Required Values in Entra ID
This section describes how to find the required System and Admin Settings for setting up a Third-Party Identity Provider (IdP) after completing the previous four tasks in this section to configure SAML SSO in Microsoft Entra ID.
Copy the following URLs and Object ID from your Entra ID Enterprise Application page.
Note
In the context of SSO/SAML endpoints, all URLs are case-sensitive.
Issuer
Navigate to: Enterprise Applications > Manage > Single sign-on > (4) Microsoft Entra Identifier
Example: https://sts.windows.net/0000a00a-b11b-2c22-d3d3-ee44e4444e44/ (URL + Tenant ID)
Login URL
Navigate to: Enterprise Applications > Manage > Properties > User access URL
Example: https://launcher.myapps.microsoft.com/api/signin/a000aaaa-1b11-2cc2-d3d3-4eeeeee4e4ee?tenantId=0000a00a-b11b-2c22-d3d3-ee44e4444e44 (URL + Enterprise Application ID + Tenant ID)
Metadata URL
Navigate to: Enterprise Applications > Manage > Single sign-on > (3) App Federation Metadata URL
Example: https://login.microsoftonline.com/FederationMetadata/2007-06/FederationMetadata.xml?appid=a000aaaa-1b11-2cc2-d3d3-4eeeeee4e4ee (URL + Tenant ID + Metadata Specification + Enterprise Application ID)
IdP Admin Role Attribute
Navigate to: Enterprise Applications > Manage > Users and groups > Click the user/group name > Copy the Object ID
Example: a00000aa-11bb-2cc2-d333-4e444ee444e4
IdP Admin Root Attribute
Navigate to: Enterprise Applications > Manage > Users and groups > Click the user/group name > Copy the Object ID
Example: a00000aa-11bb-2cc2-d333-4e444ee444e4
Audience URL
Navigate to: Enterprise Applications > Manage > Single sign-on > (1) Identifier (Entity ID)
Value: https://haivision/external/identity
Note
This value is the same for all Command 360 environments as of 2024-09-20.
Assertion Consumer Service URL
Navigate to: Enterprise Applications > Manage > Single sign-on > (1) Reply URL (Assertion Consumer Service URL)
Example: https://manager.example.com/Haivision/Authorization/Saml2/Acs