Digital Campus / Azure Active Directory SAML Integration
Use the SAML Service Provider Metadata XML file provided by Swank to import our configuration into your SAML Provider. You can download the file here.
Step 1 – Configure Azure AD Enterprise Application
- Sign into the Azure Portal
- Navigate to Azure Active Directory / Enterprise Applications
- Select New Application
- If you do not see "Non-gallery application" and do see this prompt:
Click the prompt to switch back to the old gallery experience.
- Select Non-gallery application
- Enter your application name (“digitalcampus.swankmp.net”) and click Add.
- On Properties, Select “Set up Single sign on”
- Select SAML
- Select Upload metadata file
Use the Digital Campus ServiceProviderMetadata.xml file which can be downloaded from here then click Add. This imports the following:
- Identifier (Entity ID)
- Reply URL (Assertion Consumer Service URL)
- Logout URL
- SAML Signing Certificates
- Confirm Basic Settings
- Edit SAML Signing Certificate and change Signing Option to “Sign SAML response and assertion”.
- Download Federation Metadata XML File. This file will be used in the SAML setup of Digital Campus Portal
Click Save.
- Select Users and Groups and add test users or groups
Select appropriate users and click Assign. These will be authorized users for the application.
*For additional information on mapping Group Membership information to SAML, please use the following supplemental guide:
Mapping Group Membership Information to SAML - Azure AD
Step 2 – Configure Digital Campus SAML Authentication
- Log Into your Digital Campus portal and select the Admin section
- Before proceeding further, if you do not see "SAML External" in the left menu under Authentication, you will need to request that your Authentication mode be changed to SAML. Please ask your Account Manager to revise this, then proceed as follows:
- Select Authentication / SAML External
- Load Settings
- From the Azure AD screens, select download Federated Metadata XML file. Then upload it in the SAML External Load Settings screen
- Click the Select button, choose the XML file downloaded in Step 1.10, and then Save. This will populate the majority of the data we need in the Digital Campus application.
- Signon Tab - Confirm SingleSignOnServiceUrl = Azure AD Login URL and ensure WantAssertionSigned and WantAssertionOrResponseSigned are checked and WantAssertionEncrypted is unchecked.
- Miscellaneous Tab - Confirm PartnerName/EntityID = Azure AD Identifier
- Certificates Tab - Confirm Partner Certificate was loaded
- Save Settings - Click “Save all Settings” before proceeding.
- Test Login Attributes Tab / Test
- This should trigger the SAML authentication and once complete lands on the site with this screen:
- Close the browser and then Log back into the Digital Campus Portal Admin section
- You should now see the SAML Test Results:
We should now be ready to configure roles.
- Roles Tab / Click Add Role
- Enter the SAML Role Mapping that you want to use from Test Results.
Example: To map email domain to User role in the application:
Example: To map specific email addresses to Instructor and Administrator roles.
*For VIRTUAL SCREENINGS, only User level permission is required. We find most schools can use a single role mapping the email attribute to the entire email domain(s). Example below:
Name = http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
Value = @schooldomain.edu (replace this with your school's actual email domain; "@" needs to lead the domain)
Role = User
You should now be able to test all these login combinations on the site.