Highfive Admin users on the Standard or Professional plan can enable SSO, or single sign-on, which allows your users to log-in to Highfive with an identity management solution you've already set up. This article will help you configure SSO specifically for Azure AD.
What you'll need:
- Google Chrome browser
- Be a Highfive Admin
- Azure Active Directory
- In Google Chrome, go to your Domain Dashboard.
- Click on the Authentication tab and then Start Configuration.
- In Azure, you will need to set up a new enterprise application for Azure Active Directory.
- Our Highfive application will be under the non-gallery application set up. Once the new application is set up, please follow the instructions below.
- Go to Manage>Single Sign-on.
- Grab the Highfive SSO URL from the domain dashboard and paste it into the field Reply URL in Azure.
- Next, we need to edit the SAML Token Attributes. See below for the appropriate attributes to add:
Note: Azure has some default attributes set up, you will need to delete those and add the attributes above instead.
- Copy the following information and paste them into the appropriate field. The image below is an example of where you can plug in the required details.
- SAML Signing Certificate (found in the Manage>Single Sign-on)> SAML Provider X.509 Certificate
- User Access URL (Manage>Properties) > SAML Provider URL
- SAML Entity ID (Manage>Single Sign on> Configure Chosen Name of App)> SAML Provider Issuer
- In order to apply/save the changes, we need to get the Apply Configuration button to show, which is currently hidden due to a Highfive bug we are working to resolve. To show the button:
- Navigate to the Authentication page that you should already have open under the Highfive Domain Dashboard.
- Open your Chrome settings > More Tools > Developer Tools.
- Do a search for the phrase btn green inline ng-hide using the Ctrl+F (Windows) or Command+F (macOS) keys.
- Once located, edit the attribute by double-clicking on it.
- Delete the ng-hide portion and then hit Enter.
- The green Apply Configuration option will now appear next to Test Configuration.
- Click on Apply Configuration.
- You're almost done! The next step is to actually test the configuration.
- Open an Incognito (private browsing) Chrome window and sign-into Highfive with this link. This step is highly recommended so that you are able to revert your changes within the original Chrome window if something unexpected occurs. You can open a new Incognito window by going to your Chrome settings > New Incognito window.
- If something unexpected does occur and you are not logged into Highfive properly, you can navigate back to your original Google Chrome window and click on Disable SAML, which will revert the changes.
- The correct configuration will bring you to the Highfive home page where you can start and join meetings or share your screen.
For assistance with Azure SSO set up, please contact Highfive Support at firstname.lastname@example.org.