Microsoft Azure Active Directory can be used as an Identity Provider to enable Single Sign-On (SSO) to Dell Boomi AtomSphere.
User Guide Articles
Here are some links to our AtomSphere User Guide which you may find useful when configuring Boomi for single sign-on and creating Federation Ids for Boomi users:
How to set up Microsoft Azure to use SSO with Boomi
The prerequisites and detailed configuration steps for both Azure and Boomi are described in the following Microsoft Azure Tutorial:
Each user within a SSO account will be uniquely identified by their Federation Id. Typically this will be either the user's email address or a corporate identifier, such as their employee number. The key to a successful integration is ensuring that Azure sends the correct Federation Id for the logged-on user to Boomi, and that Boomi interprets Azure's response correctly to determine the Federation Id. This can be achieved in one of two ways:
- Using the NameID in the Subject of the SAML response.
- Using a specific FEDERATION_ID attribute in the SAML response.
Building on the Microsoft Azure Tutorial, the key steps for the second of these approaches - using a specific FEDERATION_ID attribute - are highlighted below.
Configuring SAML Token Attributes in Azure
Add a new user attribute, FEDERATION_ID and map this to the value corresponding to the Federation ID configured for the Boomi single sign-on users.
(In this example, the users' email addresses have been used as Federation Ids in Boomi).
Configuring Boomi Single Sign-On Options
In the Boomi Single Sign-On Options, ensure that 'Federation Id is in FEDERATION_ID Attribute element' is selected for the Federation Id Location.