Integrate Microsoft Azure SSO

Overview

Microsoft Azure SSO (Single Sign-On) enables your users to use their existing Microsoft account to log in to AccelByte Development Toolkit (ADT) Web.

This guide will show you how to integrate ADT Web with Azure Active Directory.

Prerequisites

  • You need access to the Azure Portal.
  • You need access to ADT Web as an Administrator.

Notes and limitations

  1. By default, the system assigns users the Guest permission when they log in to ADT Web using a Microsoft account. Administrators can change their roles and permissions and promote their account to a different permission.
  2. We can only receive email and display names from Microsoft. Currently, we don't support reading custom permissions/custom fields from Azure Active Directory.

Support question? Contact us at blackbox-support@accelbyte.net.

Create the Azure App

  1. Go to the https://portal.azure.com/ sign-in page.

  2. Sign in to Microsoft Azure.

  3. Navigate to Azure Active Directory.

    The AccelByte Overview screen displays.

  4. On the left side bar, select Enterprise applications.

  5. On the Enterprise applications page, click the New application button in the top left corner.

  6. In the Browse Azure AD Gallery page, click Create your own application from the toolbar.

  7. Fill in the name of your app. For example, ADT Azure AD App.

  8. Select the default option for the What are you looking to do with your application? option.

  9. Click the Create button at the bottom of the screen.

Your Azure App is successfully created. The default page for your app displays.

Set up the SSO

Follow these steps to set up the SSO.

  1. In the Overview page, click one of the following:

    • The 2. Set up single sign on box in the Getting Started section
    • The Single sign-on option from the side bar
  2. On the Single sign-on page, select SAML as the single sign-on method.

Configure SAML-based sign-on

These steps guide you through setting up the SAML-based sign-on.

  1. In the Basic SAML Configuration panel, click the Edit button.

  2. In the Identifier (Entity ID) section, replace the default text with your own Entity ID. For example, ADTAzureID.

    You need to save your Entity ID for the next part of the configuration on the ADT side.

  3. Do not close the current page. You will need to log in to ADT Web to get the information needed to fill in the fields on this page.

Configure the SSO in ADT Web

Follow these steps:

  1. In a new browser tab, log in to ADT Web as an Administrator.

  2. In the Game Dropdown menu, select your namespace.

  3. On the sidebar, select Integrations, then select Microsoft Azure.

  4. Click Initialize to configure the SSO.

  5. In the Entity ID field, type the value you created on the SAML-based sign-on page. In this example, we used BlackboxAzureID.

  6. Click the Initialize button to auto-complete the Reply URL and Logout URL fields.

  7. Copy the value from the Reply URL (Assertion Consumer Service URL).

  8. Go to the Basic SAML Configuration page and paste the value into the Reply URL (Assertion Consumer Service URL) field.

  9. Go to ADT Web and copy the value in the Logout URL field.

  10. Go to the Basic SAML Configuration page and paste the value into the Logout URL field.

  11. Go to the SAML Signing Certificate section.

  12. Copy the App Federation Metadata Url value.

  13. Go to ADT Web and paste the value into the Federation Metadata URL field.

  14. Click Save changes.

Integration with ADT Web is now complete. Next, you need to set the user up in Azure.
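
The App Federation Metadata Url copied in steps 12 and 13 is what tells ADT Web which signing certificate and endpoints to trust. The Python below is an added example, not AccelByte or Microsoft code: it parses SAML IdP metadata, rejects DTDs, lists the sign-on and logout endpoints, and computes the SHA-256 fingerprint of each signing certificate so a later change can be compared against the value recorded at setup. The sample metadata, tenant ID, dummy certificate bytes and function names are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"
# Constructed sample: placeholder tenant ID and dummy certificate bytes.
TENANT = "00000000-0000-0000-0000-000000000000"
DUMMY_CERT = base64.b64encode(b"constructed-dummy-cert").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sts.windows.net/{TENANT}/">
 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="signing"><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
   <X509Data><X509Certificate>{DUMMY_CERT}</X509Certificate></X509Data>
  </KeyInfo></KeyDescriptor>
  <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
    Location="https://login.microsoftonline.com/{TENANT}/saml2"/>
  <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
    Location="https://login.microsoftonline.com/{TENANT}/saml2"/>
 </IDPSSODescriptor>
</EntityDescriptor>"""

def summarize_idp_metadata(xml_text):
    # Refuse DTDs: ElementTree would still expand internal entities.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD not allowed in federation metadata")
    root = ET.fromstring(xml_text)
    idp = root.find(MD + "IDPSSODescriptor")
    if idp is None:
        raise ValueError("no IDPSSODescriptor in metadata")
    prints = []
    for kd in idp.findall(MD + "KeyDescriptor"):
        if kd.get("use") in (None, "signing"):  # no "use" means any purpose
            for cert in kd.iter(DS + "X509Certificate"):
                der = base64.b64decode("".join(cert.text.split()))
                prints.append(hashlib.sha256(der).hexdigest())
    urls = [e.get("Location") for e in idp
            if e.tag in (MD + "SingleSignOnService", MD + "SingleLogoutService")]
    return {"entity_id": root.get("entityID"), "endpoints": urls,
            "signing_sha256": prints}

def review_metadata(summary, recorded_sha256=None):
    """Return findings; recorded_sha256 is the fingerprint noted at setup."""
    findings = [f"endpoint is not HTTPS: {u}" for u in summary["endpoints"]
                if not u.lower().startswith("https://")]
    if not summary["signing_sha256"]:
        findings.append("no signing certificate published")
    elif recorded_sha256 and recorded_sha256 not in summary["signing_sha256"]:
        findings.append("signing certificate differs from recorded fingerprint")
    return findings
```
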

Assign a user

You need to add a user to the application you just created before the user can log in to ADT using their Microsoft account. In this example, we use BlackBox Azure AD App.

  1. Open the Enterprise Applications screen in the Azure portal.

  2. On the sidebar, select Overview, then select Users and Groups.

  3. On the Users and Groups page, click the Add User/group button. This will take you to the Add Assignment page.

  4. Click the Users field.

  5. You can alternatively search for a user on the right panel.

  6. Once you have found the user you want to add, click their name to add them.

  7. Click the Select button.

  8. You can select more than one user at a time by repeating steps 5 to 7. The number of users you have selected is shown in the Users field.

  9. When you have finished adding users, click the Assign button.

    Any users you added are shown on the Users and Groups page.

Log in to ADT Web using a Microsoft account

The next step is to test whether the users you assigned can log in to ADT Web.

Follow these steps:

  1. Go to ADT Web.

  2. Enter your namespace and click Continue.

  3. Click the Microsoft icon at the bottom of the screen.

    You will be redirected to the Microsoft Sign in page.

  4. Log in using one of the users that you just registered.

    When the login process finishes, the ADT website displays.