Skip to main content

logoCorrectSize.png

Workday Adaptive Planning Knowledge Center

SAML SSO Azure AD

Explains how to configure service provider initiated logins for Microsoft Azure AD.

You can obtain your Single Sign-on URL from Adaptive Planning by providing place holder values for the required fields and your SSO certificate in Administration > SAML SSO Settings. After saving the page with placeholder values, reload it to see the SSO URL at the bottom. Use this URL as both the Reply URL and Identifier (Entity ID) in Azure AD.

Visit Microsoft Azure's Tutorial: Azure Acitive Directory integration with Adaptive Planning for more.

Set up Azure

  1. Log in to your Azure AD administrator interface.
  2. Navigate to Enterprise applications. Then go to All Applications.
  3. To add a new application, click New application on the top of the dialog.
  4. In the search box, type Adaptive Insights, select Adaptive Insights from the result panel. Click Add.

Configure Azure AD Single Sign-on

  1. In the Azure portal, on the Adaptive Planning application integration page, click Single sign-on.
  2. On the Single sign-on dialog, select Mode as SAML-based Sign-on to enable single sign-on.
  3. In the Adaptive Planning Domain and URLS section:
    1. In the Identifier(Entity ID) text box, enter the url using the following pattern: https://login.adaptiveinsights.com:443/samlsso/<unique-id>
    2. In the Reply URL textbox, enter a URL using the following pattern: https://login.adaptiveinsights.com:443/samlsso/<unique-id>

You can get the Identifier(Entity ID) and Reply URL values from the Adaptive Planning Manage SAML SSO settings page

  1. On the SAML Signing Certificate section, click Certificate (Base64) and then save the certificate file on your computer.
  2. Click Save.
  3. On the Adaptive Planning Configuration section, click Configure Adaptive Planning to open Configure sign-on window. Copy the SAML Entity ID, and SAML Single Sign-On Service URL from the Quick Reference section.
  4. In a different web browser window, log in to Adaptive Planning as an administrator.
  5. Navigate to Administration and click Manage SAML SSO Settings.
  6. On the SAML SSO Settings page:
    1. In the Identity provider name textbox, type a name for your configuration.
    2. Paste the Azure AD Identifier value copied from Azure portal into the Identity provider Entity ID textbox.
    3. Paste the SAML Single Sign-On Service URL value copied from Azure portal into the Identity provider SSO URL textbox.
    4. Paste the SAML Single Sign-On Service URL value copied from Azure portal into the Custom logout URL textbox.
    5. To upload your downloaded certificate, click Choose file.
    6. Select the following, for:
      •   SAML user id, select User’s Adaptive Planning user name.
      •   SAML user id location, select User id in NameID of Subject.
      •   SAML NameID format, select Email address.
      •   Enable SAML, select Allow SAML SSO and direct Adaptive Planning login.
    7. Click Save.
    8. Click Manage SSO settings.
    9. Copy Adaptive Planning SSO URL and paste into the Identifier(Entity ID) and Reply URL textboxes in the Adaptive Planning Domain and URLs section in the Azure portal.
    10. Click Save.

Create an Azure AD test User

  1. In the Azure Portal, on the left navigation pane, click the Azure Active Directory icon.
  2. To display the list of users, go to Users and groups and click All users.
  3. To open the User dialog, click Add on the top.
  4. On the User dialog page:
    1. In the Name textbox, type BrittaSimon.
    2. In the User name textbox, type the email address of BrittaSimon.
    3. Select Show Password and write down the value of the Password.
    4. Click Create.

Create an Adaptive Planning test user

  1. Log in to Adaptive Planning as an administrator.
  2. Navigate to Administration.
  3. Click Users.
  4. Click New User.
    1. Enter the Name, Login, Email, and Password of a valid Azure Active Directory user you want to provision.
    2. Select a Role.
    3. Click Submit.

Assign the Azure AD Test User

These steps let Britta Simon, created earlier as an Azure AD test user, access Adaptive Planning using single sign-on.

  1. In the Azure portal, open the applications view and navigate to the directory view and go to Enterprise applications and click All applications.
  2. In the applications list, select Adaptive Planning.
  3. In the menu on the left, click Users and groups.
  4. Click Add button. Then select Users and groups in the Add Assignment dialog.
  5. On Users and groups dialog, select Britta Simon in the Users list.
  6. Click Select on Users and Groups.
  7. Click Assign on Add Assignment.

Test the SSO (Service Provider Initiated)

Login to the Adaptive Planning company without a password and you will be redirected to the SSO login page:

Enter your credentials and complete the SSO login.
SAML SSO Azure AD Credentials

You should be logged in to Adaptive Planning.

Test the SSO (Identity Provider Initiated)

  1. In the Azure Portal, go to Azure Active Directory > Enterprise Applications > Adaptive Planning > Properties.
  2. Copy the User access URL.
  3. Open a new browser window, paste the User access URL into the URL bar, and press Enter.

Logging in to Excel Interface for Planning and Office Connect using SAML SSO

Once SAML SSO has been successfully configured and tested, Excel Interface for Planning and OfficeConnect users only need to provide their usernames in the login form. Leave the password field blank.

  • Was this article helpful?