Bernard Welmers

HOW TO: AzureAD SSO with Mapped Domains

Discussion created by Bernard Welmers on Mar 30, 2018

So I asked this question of Support and they were not able to give me an answer so I played around for a while until I was able to find an answer. Now to share that answer with everyone else that is looking for how to do it in the future.

 

The error message I was getting when I tried to use Single Sign On with a mapped domain was:

AADSTS50011: The reply address 'https://Mapped.Domain.com/saml/OrganizationName' does not match the reply addresses configured for the application: 'https://OrganizationName.samanage.com'. More details: not specified

 

 

First of all, set up Single Sign On with Azure AD (follow the Microsoft tutorial, as it is newer and more accurate than the Samanage one) - Tutorial: Azure Active Directory integration with Samanage | Microsoft Docs

- Note: if you do follow the tutorial in Azure AD > Enterprise apps (which I would suggest, since that also gives you most of the URLs you need to configure Samanage), the one piece that it gets wrong is the URL for

   b. In the Identity Provider URL textbox, enter Azure AD SAML Entity ID :

The URL to enter there is actually the one found under

Quick Reference > Azure AD Single Sign-On Service URL

 

So now to the core of this How To.

Once you have set up Domain Mapping in Samanage, go back to the Azure AD Enterprise App that you created for Single Sign On.

Go to the section for the "Samanage Domain and URLs" and check the box for "Show advanced URL settings"

Now add your mapped domain to the Reply URL location. 

 

Save your changes, give it a couple of minutes to propagate, then try your mapped URL; it should work now.
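
An added example, not part of the original post and not Samanage or Microsoft code: it decodes the SAMLRequest parameter of a login redirect and checks whether the reply address it asks for is among the Reply URLs configured on the Enterprise App, which is the comparison behind AADSTS50011. The function names, the idp.example endpoint, the constructed AuthnRequest, the use of the HTTP-Redirect binding and the exact string comparison are assumptions of this example.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlparse

SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"

def decode_saml_request(value):
    """Decode a URL-decoded SAMLRequest value into AuthnRequest XML bytes."""
    raw = base64.b64decode(value)
    try:
        return zlib.decompress(raw, -15)  # HTTP-Redirect binding: raw DEFLATE
    except zlib.error:
        return raw                        # HTTP-POST binding: base64 only

def requested_reply_url(login_url):
    """Return the AssertionConsumerServiceURL carried in the login redirect."""
    query = parse_qs(urlparse(login_url).query)
    # Diagnostic use on your own service provider's request; not hardened
    # for hostile XML.
    root = ET.fromstring(decode_saml_request(query["SAMLRequest"][0]))
    if root.tag != f"{{{SAMLP_NS}}}AuthnRequest":
        raise ValueError("not a SAML 2.0 AuthnRequest")
    acs = root.get("AssertionConsumerServiceURL")
    if not acs:
        raise ValueError("request has no AssertionConsumerServiceURL")
    return acs

def check_reply_url(login_url, configured_reply_urls):
    """Return (requested URL, True if it is among the configured Reply URLs).
    Exact string comparison is this example's assumption."""
    acs = requested_reply_url(login_url)
    return acs, acs in configured_reply_urls

def build_sample_login_url(acs_url):
    """Constructed sample: a minimal AuthnRequest sent via HTTP-Redirect."""
    xml_doc = (f'<samlp:AuthnRequest xmlns:samlp="{SAMLP_NS}" ID="_constructed" '
               f'Version="2.0" IssueInstant="2018-03-30T00:00:00Z" '
               f'AssertionConsumerServiceURL="{acs_url}"/>')
    comp = zlib.compressobj(wbits=-15)
    deflated = comp.compress(xml_doc.encode()) + comp.flush()
    param = urlencode({"SAMLRequest": base64.b64encode(deflated).decode()})
    return "https://idp.example/saml2?" + param  # placeholder IdP endpoint

if __name__ == "__main__":
    mapped = "https://Mapped.Domain.com/saml/OrganizationName"  # from the error text
    url = build_sample_login_url(mapped)
    print(check_reply_url(url, ["https://OrganizationName.samanage.com"]))
    print(check_reply_url(url, ["https://OrganizationName.samanage.com", mapped]))
```

To check a real tenant, pass the full redirect URL copied from the browser's address bar or network trace in place of the constructed one.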
