Click on images to see them in full screen
9AFE2D42BF1F8720802588AF005CDBC3Single Sign On (SSO)
Door Tablet provides the ability to set up SSO. This document describes how to configure Door Tablet BOOKER with Microsoft Azure Active Directory.
The overall steps are:
- Create a sub-domain for use with SSO. In the example below we use bookersso.door-tablet.com
- Create an SSL certificate for the sub-domain and implement it in the Door Tablet server
- Enable the sub-domain to open the Door Tablet BOOKER
- Create an Enterprise Application in Azure
- Setup SSO in Door Tablet for use with BOOKER - send us your Federation Metadata XML
- Test your setup
Platforms
Many platforms support SSO using SAML. In this page we show the implementation on
Google Workspace and with more details on
Microsoft 365.
Google Workspace (full protocol on Microsoft 365 only)
Go to
https://admin.google.com
Navigate to Security/Authentication/SSO with SAML, as follows:
Open
https://admin.google.com/u/1/ac/security/ssocert?hl=en
Microsoft 365
Create an Enterprise Application
Open
https://aad.portal.azure.com
Select Enterprise application
Click on New application
Click on Create your own application
Name the application and select the last option. Here we called it BookerSSO - you can call it anything you like.
Once the application is created, you will be directed to the configuration page of the application.
Click on SAML
In the SAML configuration, edit step 1 to add the two items:
Update the fields and save:
Note: the above sub domain will need to point in DNS to the Door Tablet host. Additional configuration in Door Tablet will make this work.
Once you save the data, you will see the following. Test it later:
Now download the federation Metadata XML file, as visible in step 3:
Assign a users or a groups to your application so that they can authenticate:
Door Tablet Admin UI tasks
The next following steps are performed on the Door Tablet Web UI
- Define a sub domain in DNS that points at the Door Tablet server
- Create a site record which uses the dedicated sub domain above
- Create a Web SSO configuration
- Create a record in the idPcatalog
Create a site record
At this point we assume that you have created a DNS record that points at the Door Tablet server. For example, "bookersso", hence the full domain could look like so: bookersso.MyCorp.com. In the example below we use bookersso.door-tablet.com.
Then fill the form. Remember to select SAML for the authentication type.
When the above is complete you need to send an email to support@door-tablet.com with the following files:
- The Federation Metadata XML you have downloaded above from Azure
- A a file from you server found in the data directory, named names.nsf.
- We will send you back two files which you will place on the same data directory