page_type | languages | products |
---|---|---|
sample | nodejs, express, passport-saml | azure-active-directory |
To configure and test Azure AD SSO with Sample Node SAML WebApp, perform the following steps:
Follow the steps to enable Azure AD SSO in the Azure Portal.
- Create an Azure AD test user - to test Azure AD single sign-on.
- Create a Azure AD Security Group - add the test user to this group.
- In the Azure portal, select Azure Active Directory > Enterprise applications and select Create your own application.
- Enter the display name for your new application, select Integrate any other application you don't find in the gallery (Non-Gallery), then select Create.
- On the app's page, select Single sign-on under Manage section.
- Select SAML as the single sign-on method.
- On the Set up Single Sign-On with SAML page, click the pencil icon for Basic SAML Configuration to edit the settings.
- On the Basic SAML Configuration section, perform the following steps:
- In the Identifier (Entity ID) text box, type the name of the app. For eg:
node_saml_app
- In the Reply URL text box, type the URL:
https://localhost:5001/login/callback
- In the Logout URL text box, type the URL:
https://localhost:5001/logout/callback
- In the Identifier (Entity ID) text box, type the name of the app. For eg:
- On the Set up single sign-on with SAML page, in the SAML Signing Certificate section, find Certificate (Raw) and select Download to download the certificate and save it on your computer.
- On the Set up [App-Name] section, copy the the Login URL.
Follow the steps to setup and run the sample application.
-
Clone or download this repository.
git clone https://github.com/souravmishra-msft/NodeJS_SAML_App.git
-
First you start to install all the required dependencies listed under the
package.json
file by running the command:npm install
-
Once the command completes, you will find a folder named node_modules available in your project directory with all the dependencies installed in it.
-
Under the project folder, create a folder called
certificates
and copy the earlier downloaded certificate from SAML application configuration in Azure Active Directory to this newly createdcertificates
folder. -
To setup the local express server run on https follow the steps mentioned here. Store the locally created certificates using
mkcerts
under the certificates folder. -
Create a folder called config under the project directory. Under the config folder, create a main.env file and add the following in that file.
PORT = 5000 HTTPS_PORT = 5001 SSO_ENTRYPOINT = <Login URL copied from earlier> SSO_ISSUER = <App-Identifier-Name> SSO_CALLBACKURL = https://localhost:5001/login/callback SSO_CALLBACKLOGOUTURL = https://localhost:5001/logout/callback
-
Run the app using the following command:
npm run start-dev
-
Open your favourite web browser and type the following URL
https://localhost:5001
to access the sample NodeJS-SAML-App. -
Once the app runs successfully you should see the following screen.
In this section, you test your Azure AD single sign-on configuration with following options.
- Click on the Test button under the Test single sign-on with [App-Name] section in the app's page under Enterprise applications. This will redirect to NodeJS-SAML-App's signon URL where you can initiate the login flow.
- Go to https://localhost:5001/ access the sample app and initiate the login flow by clicking on the
Login
button.