This article is intended for network administrators who have experience setting up Azure AD applications with SAML 2.0 authentication. It outlines how to set up, test and establish a connection with Nearmap products.
Each step is described in detail in the sections below.
Setting up Azure AD SAML2
- Add a new application named "Nearmap" to your Azure AD organization.
- Configure SAML.
- Edit the Basic SAML Configuration.
- Set the Identifier (Entity ID) to urn:auth0:nearmap:<your Connection ID>
- Set the Reply URL (Assertion Consumer Service URL) to https://auth.nearmap.com/login/callback?connection=<your connection ID>
- Configure claims as given in the table below.
| Name | Required? | Source |
|---|---|---|
| email | Yes | user.mail or user.userprincipalname (whichever is user email address in your setup) |
| given_name | Yes | user.givenname |
| family_name | Yes | user.surname |
| phone | No | User phone attribute |
| mobile_phone | No | User mobile phone attribute |
| job_title or title | No | User job title attribute |
| org_unit | No | User department/region attribute |
| work_country | No | User country attribute |
Use Namespace http://schemas.xmlsoap.org/ws/2005/05/identity/claims for all claims.
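A quick way to confirm the configuration before testing a login is to check a captured test assertion against the Identifier, Reply URL and required claims above. The script below is an added example, not Nearmap or Microsoft code; the connection ID, the function names and the sample assertion are constructed, and it assumes Azure AD emits each claim as an Attribute whose Name is the namespace followed by "/" and the claim name.

```python
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"saml": SAML}
CLAIMS_NS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims"
REQUIRED = ("email", "given_name", "family_name")  # "Yes" rows of the claims table
CONNECTION_ID = "example-connection"  # constructed placeholder, use your own ID
AUDIENCE = f"urn:auth0:nearmap:{CONNECTION_ID}"
ACS_URL = f"https://auth.nearmap.com/login/callback?connection={CONNECTION_ID}"

def check_assertion(xml_text, audience=AUDIENCE, acs_url=ACS_URL):
    """Return a list of configuration problems; an empty list means a match.
    Checks configuration shape only, it does not verify the XML signature."""
    root = ET.fromstring(xml_text)
    problems = []
    audiences = [(a.text or "").strip() for a in root.iterfind(".//saml:Audience", NS)]
    if audience not in audiences:
        problems.append(f"Audience {audiences} does not contain {audience}")
    recipients = [d.get("Recipient")
                  for d in root.iterfind(".//saml:SubjectConfirmationData", NS)]
    if acs_url not in recipients:
        problems.append(f"Recipient {recipients} does not contain {acs_url}")
    values = {}
    for attr in root.iterfind(".//saml:Attribute", NS):
        value = attr.find("saml:AttributeValue", NS)
        values[attr.get("Name")] = (value.text or "").strip() if value is not None else ""
    for claim in REQUIRED:
        if values.get(f"{CLAIMS_NS}/{claim}"):
            continue  # present with the namespace and non-empty
        if claim in values:
            problems.append(f"{claim} is emitted without the claims namespace")
        else:
            problems.append(f"required claim {claim} is missing or empty")
    return problems

def sample_assertion(attribute_names):
    """Build a constructed, unsigned test assertion (not real Azure AD output)."""
    attrs = "".join(
        f'<saml:Attribute Name="{name}"><saml:AttributeValue>test</saml:AttributeValue>'
        f'</saml:Attribute>' for name in attribute_names)
    return (f'<saml:Assertion xmlns:saml="{SAML}"><saml:Subject><saml:SubjectConfirmation>'
            f'<saml:SubjectConfirmationData Recipient="{ACS_URL}"/>'
            f'</saml:SubjectConfirmation></saml:Subject><saml:Conditions>'
            f'<saml:AudienceRestriction><saml:Audience>{AUDIENCE}</saml:Audience>'
            f'</saml:AudienceRestriction></saml:Conditions>'
            f'<saml:AttributeStatement>{attrs}</saml:AttributeStatement></saml:Assertion>')

if __name__ == "__main__":
    print(check_assertion(sample_assertion([f"{CLAIMS_NS}/{c}" for c in REQUIRED])))
    print(check_assertion(sample_assertion(["email", f"{CLAIMS_NS}/given_name"])))
```

Run it only on assertions from your own test sign-in; an empty list means the Identifier, Reply URL and required claims match the settings above.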
Obtain the metadata URL
The metadata URL to enter in Nearmap MyAccount can be found in the "SAML Signing Certificate" section of the application properties.
Assigning the Nearmap application to users
Depending on the options selected when you added the application, you may need to complete steps in the articles below: