Setting up SSO : BI Book

This is a guide for how to set up SSO in your BI Book environment. Follow your organizations information security policy and guidelines.

Pre-requisites

For SSO setup BI Books support team must enable SSO in your environment
Ensure you have a global admin account in the Azure AD you are setting up SSO in.
Ensure you are a Admin or Superadmin in your BI Book enviroment

How to set up:

Set up SSO in your Azure AD following these instructions
Test your connection
Reach out to BI Book support to disable other authentication methods to ensure the security of your subdomain.

Setting up on BI Books Side

Login with your admin account
Go to the "Management" tab (if not visible you are not an admin)
Choose "Edit company"
Navigate to "SSO" (if not visible, SSO is not enabled)
Choose "SAML" as SSO method.
Setting up in Azure AD:
1. Log in as Admin to your tenant and make sure you have elevated your user rights to global admin
2. Go to your tenants Azure Active Directory
3. Navitage to "Enterprise Applications"
4. press "+ New application"
5. press "+ Create your own application"
6. Add a name for the enterprise application (For example BI Book)
7. Not necessary to change the "What are you looking to do with your application?" setting
8. Press "Create"
9. Wait for creation, can take a few minutes.
10. under "Manage" section navigate to "Single sign-on"
11. Choose "SAML" as option
12. Edit the "Basic SAML Configuration field"
13. Add the "Identifier (Entity ID)" as the "SP Entity ID from Bi Book SSO Settings.
  1. SP Entity ID
14. Add the "Reply URL (Assertion Consumer Service URL" as the SP ACS from your bibook environment
  1. SP ACS URL
15. save.
16. Go to section 3. SAML Certificates and download the "Federation metadata XML"
17. Upload the XML to Bi Book in the Admin portal.
18. Press Save.
19. Make sure you go to the corresponding app registration and set up everything properly
  1. Grant admin content to API scope. under API permissions
  2. Also under the enterprise application, make sure your "properties" tab is set up according to your needs, and user and group is assigned to the application to access it, also in your azure AD.
20. Navigate to your subdomain your_domain.bibook.com in a new browser or incognito mode or similar.
21. Press the SSO button and test your SSO configuration

BI Book

Setting up SSO Print

Pre-requisites

How to set up:

Setting up on BI Books Side

Setting up in Azure AD:

Log in as Admin to your tenant and make sure you have elevated your user rights to global admin

Go to your tenants Azure Active Directory

Navitage to "Enterprise Applications"

press "+ New application"

press "+ Create your own application"

Add a name for the enterprise application (For example BI Book)

Not necessary to change the "What are you looking to do with your application?" setting

Press "Create"

Wait for creation, can take a few minutes.

under "Manage" section navigate to "Single sign-on"

Choose "SAML" as option

Edit the "Basic SAML Configuration field"

Add the "Identifier (Entity ID)" as the "SP Entity ID from Bi Book SSO Settings.

Add the "Reply URL (Assertion Consumer Service URL" as the SP ACS from your bibook environment

save.

Go to section 3. SAML Certificates and download the "Federation metadata XML"

Upload the XML to Bi Book in the Admin portal.

Press Save.

Make sure you go to the corresponding app registration and set up everything properly

Grant admin content to API scope. under API permissions

Also under the enterprise application, make sure your "properties" tab is set up according to your needs, and user and group is assigned to the application to access it, also in your azure AD.

Navigate to your subdomain your_domain.bibook.com in a new browser or incognito mode or similar.

Press the SSO button and test your SSO configuration

reach out to support@bibook.com if you have issues.

Setting up SSO Print

Pre-requisites

How to set up:

Setting up on BI Books Side

Setting up in Azure AD:

Log in as Admin to your tenant and make sure you have elevated your user rights to global admin

Go to your tenants Azure Active Directory

Navitage to "Enterprise Applications"

press "+ New application"

press "+ Create your own application"

Add a name for the enterprise application (For example BI Book)

Not necessary to change the "What are you looking to do with your application?" setting

Press "Create"

Wait for creation, can take a few minutes.

under "Manage" section navigate to "Single sign-on"

Choose "SAML" as option

Edit the "Basic SAML Configuration field"

Add the "Identifier (Entity ID)" as the "SP Entity ID from Bi Book SSO Settings.

Add the "Reply URL (Assertion Consumer Service URL" as the SP ACS from your bibook environment

save.

Go to section 3. SAML Certificates and download the "Federation metadata XML"

Upload the XML to Bi Book in the Admin portal.

Press Save.

Make sure you go to the corresponding app registration and set up everything properly

Grant admin content to API scope. under API permissions

Also under the enterprise application, make sure your "properties" tab is set up according to your needs, and user and group is assigned to the application to access it, also in your azure AD.

Navigate to your subdomain your_domain.bibook.com in a new browser or incognito mode or similar.

Press the SSO button and test your SSO configuration

reach out to support@bibook.com if you have issues.

Related Articles