If you are converting an existing dictionary to use SAML, pay close attention to the username format<\/strong> provided by your identity provider. m-Power menu security and row-level security rules are tied directly to usernames. If the SAML username format does not match your existing usernames, you will need to update either your security rules or the usernames to ensure access works as expected.<\/p>\n\n\n\n This guide will walk through step by step how to configure SAML 2.0 Single Sign-On (SSO) between Microsoft Entra ID (formerly Azure Active Directory) and an m-Power application. Microsoft Entra ID is Microsoft\u2019s cloud-based identity and access management (IAM) service, used to enable secure authentication for users and applications. <\/p>\n\n\n\n While this guide specifically uses Microsoft Entra <\/strong>as the identity provider (IdP) example, m-Power\u2019s SAML integration is IdP-agnostic and can be configured to work with any SAML 2.0\u2013compliant provider, including Okta, Ping Identity, and others. If interested in using a different provider, please contact support@mrc-productivity.com<\/p>\n\n\n\n Within SAML, there are a few key concepts that must be understood:<\/p>\n\n\n\n IdP — This is the identity provider. There are multiple identity providers, but some of the more common ones include Microsoft Entra and Okta. It is the job of the IdP to prove that someone is who they say they are.<\/p>\n\n\n\n SP — This is the service provider. In our case, m-Power is the service provider. In reality, you would have several SPs. Each SP would interface with the IdP to ensure that a user is valid.<\/p>\n\n\n\n Assertion — Assertions are the message<\/em> that is transmitted between the IdP and the SP during communication.<\/p>\n\n\n\n Metadata — Before an IdP and and SP will communicate with each other, each (usually) needs to know information about the other. This information may contain certificates as well as other entity IDs. All this information is usually stored in the IdP\/SP metadata.<\/p>\n\n\n\n Prior to configuring SAML for m-Power, there are a few housekeeping <\/em>items required.<\/p>\n\n\n\n Next, you will need to download the SAML configuration file. You can download this file<\/a> and place it into your \/mrcjava\/WEB-INF\/classes folder.<\/p>\n\n\n\n This file ships generic and it now requires some specific information about itself (the SP). Specifically: <\/p>\n\n\n\n Change lines #14 and #19 to reference your m-Power server address:<\/p>\n\n\n\n Line #38 may<\/em> need to be changed depending on what information your IdP is sending back to m-Power about the user. If not sure, leave this value alone for the time being.<\/p>\n\n\n\n Lines 162 through 171 (Organization and Techincal\/Support contact info) should also be populated as this information will be sent along with the SP metadata.<\/p>\n\n\n\n Now that you have added in the necessary information about the SP, it’s time to turn your attention to adding information about your IdP. <\/p>\n\n\n\n Line #53 — IdP’s entity id<\/p>\n\n\n\n Line #57 — IdP’s SAML URL endpoint<\/p>\n\n\n\n This IdP information essentially instructs m-Power (the SP) where\/how to connect to your IdP.<\/p>\n\n\n\nOverview<\/h3>\n\n\n\n
SAML General Concepts<\/h3>\n\n\n\n
Configure m-Power for SAML<\/h3>\n\n\n\n
\n
<servlet>\n<servlet-name>SAMLMetadata<\/servlet-name>\n<servlet-class>com.mrc.http.security.saml.SAMLMetadata<\/servlet-class>\n<\/servlet>\n<servlet-mapping>\n<servlet-name>SAMLMetadata<\/servlet-name>\n<url-pattern>\/saml\/metadata<\/url-pattern>\n<\/servlet-mapping><\/code><\/pre>\n\n\n\n\n
![\"\"](\"https:\/\/www.mrc-productivity.com\/docs\/images\/image-65.png\")
<\/figure>\n<\/div><\/div>\n\n\n\n![\"\"](\"https:\/\/www.mrc-productivity.com\/docs\/images\/image-60.png\")
<\/figure>\n<\/div><\/div>\n\n\n\n![\"\"](\"https:\/\/www.mrc-productivity.com\/docs\/images\/image-61.png\")
<\/figure>\n<\/div><\/div>\n\n\n\nLoad IdP Information<\/h3>\n\n\n\n
![\"\"](\"https:\/\/www.mrc-productivity.com\/docs\/images\/image-62.png\")
<\/figure>\n<\/div><\/div>\n\n\n\n
![\"\"](\"https:\/\/www.mrc-productivity.com\/docs\/images\/image-63.png\")
<\/figure>\n<\/div><\/div>\n\n\n\n![\"\"](\"https:\/\/www.mrc-productivity.com\/docs\/images\/image-64-900x364.png\")
<\/figure>\n\n\n\n![\"\"](\"https:\/\/www.mrc-productivity.com\/docs\/images\/image-66-900x505.png\")