Setting up SSO for Helm CONNECT is a combination of steps: some are completed on your company's IdP account (likely by your IT department), and other steps are done in Helm CONNECT. This article will help you configure SSO for Helm CONNECT with Microsoft Azure Active Directory (Azure AD).
Create a New Application
The first step is creating a new Azure AD application called Helm CONNECT.
To create a new application:
- Sign in to Microsoft Azure.
- Under Azure services, click Azure Active Directory.
- From the menu bar on the left, click Enterprise applications.
- Click New application.
- Click Create your own application to enter the information in the screenshot below, then click Create.
Configure the Helm CONNECT Application
Once you’ve created the new Helm CONNECT application, you'll assign the users and groups who can log into Helm CONNECT, and configure SAML as your single-sign-on method.
Assign Users and Groups
You can now assign the users and groups who will have permission to log into Helm CONNECT.
To assign users and groups:
Go to Getting Started > 1. Assign users and groups and click Assign users and groups.
NoteIf you need help with this step, please contact your IT department.
Now, let's configure SAML as your single-sign-on method for Helm CONNECT. At the end of this step, we’ll ask you to send us some information we need to complete the configuration for you.
To configure SAML:
- Go to Getting Started > 2. Set up single sign-on, and click Get started.
- Under Select a single sign-on method, click SAML.
- Under Basic SAML Configuration, click Edit to enter the information in the screenshot below, then click Save.
NoteIn the screenshot below, we used “tenant” as a placeholder for the tenant name in your Helm CONNECT URL. When filling out these fields, please replace “tenant” with your real tenant name. For example, if your Helm CONNECT URL is https://hms.helmconnect.com then "hms" is your tenant name.
- Under SAML Certificates, please send us the following information in an email:
- App Federation Metadata Url: Copy this URL, then paste it into the email.
- Certificate (Base64): Download this CER file, then attach it to the email.
- Send your account manager the email containing the URL and the CER file.
- Log out of Microsoft Azure and wait to hear from us. It shouldn’t take long!