How to setup UniversitySite SSO with Azure AD SAML - Legacy Gui

If you are considering switching to this SSO solution instead of the out of the box UniversitySite SSO, please contact Lawren Finley to find out if it's included with your subscription.

You can test your configuration without interrupting the existing login experience for your production users by following these instructions
https://docs.universitysite.com/article/579-how-to-test-saml-configuration-without-interrupting-production

If you are looking for the documentation for the current Azure AD GUI, see this article
How to Configure Azure AD SAML with UniversitySite - UniversitySite

First, you must go to the Login Settings page in UniversitySite. (Make sure you are in InstructorSite. If not, click on the left-most dropdown list at the top of the page and click on “InstructorSite”). Your page in UniversitySite should look like this now.
Now, you will drop down the menu under your name at the top right-most drop-down and click on “Global Settings”.
Now you will see the “Global Settings” page, scroll to the bottom of this page and click on “Login Settings”.
You should now see a page that looks like this. Select “Use Azure AD” and then click on “SAML Setup for Production Environment”.
Scroll down on this page until you can see these settings. You will copy and paste them into your Azure Active Directory settings in the following steps.
Now on your Azure Portal server, click on “Azure Active Directory”. Then, click on “Enterprise applications”.
Now you will see a list of all your Enterprise Applications, click on “New application” to add UniversitySite.
On the following panel, first, click on “Non-gallery application”. Next, type in “UniversitySite” for the application display “Name”. Finally, click “Add” at the bottom of that panel.
Now, let’s click on “Single sign-on” so we can configure those settings for UniversitySite.
On this panel, Click on the “SAML” button.
Now, you will see this page. We need to edit the first panel named “Basic SAML Configuration”. Click on the pencil to edit.
Now you will see this panel where we need to copy from UniversitySite the desired URLs.
1. copy the “UniversitySite’s Identifier” from your UniversitySite browser window and paste it into the “Identifier (Entity ID)” field.
2. copy the “UniversitySite SSO URL” from your UniversitySite browser window and paste it into the “Reply URL” field.
3. copy the same value you pasted in step a. above and paste it in replacing the http with https in the “Sign on URL”.
4. copy the “UniversitySite SLO URL” from your UniversitySite browser window and paste it into the “Logout URL” field.
5. Finally, click the save button. After the values are saved, you can close this panel.
Scroll down on the panel you are viewing until you see the #3 panel named “SAML Signing Certificate”. Click on the pencil button to edit.
Now, you will see a panel like this, we need to change the “Signing Option” drop down box to select “Sign SAML response and assertion”. Then click the “Save” button and after saving completes, close the panel.
Now we need to enter some info from our Azure AD enterprise app into UniversitySite. You will find the info on this page: (see picture below)
1. First, we need to download the “Certificate (Base64) so that we can add it to UniversitySite in the next step. Open this downloaded file in notepad; select all and copy it from there into your clipboard. Then go to your UniversitySite browser window and paste it into the “Provider’s Cert”.
2. copy the “Login URL” to your UniversitySite browser window and paste it into the “Provider’s SSO URL” field.
3. copy the “Azure AD Identifier” to your UniversitySite browser window and paste it into the “Provider’s URL” field.
4. copy the “Logout URL” to your UniversitySite browser window and paste it into the “Provider’s SLO URL” field.
Save all the settings changes you made in UniversitySite.
Finally, you will need to add users and/or groups to your Azure Active Directory settings for UniversitySite in your Azure portal.