Azure Active Directory

Azure AD is Microsoft's enterprise cloud-based identity and access management (IAM) solution. It can be used to access your Humio repositories.

Figure 215. Azure Active Directory
To integrate Azure AD with Humio, you'll need to create an app in Azure Active Directory.
First sign in to the Azure portal. Then open Enterprise Applications and click New application.
Click Create your own application. The result will be a pop-up box link the one here:
Azure Active Directory
Figure 216. Azure Active Directory
Enter a name for the app, such as Humio. Choose Integrate any other application you don't find in the gallery and click Create.
Now you'll see a screen about creating the app. There will some large icon boxes, one of which reads, Set up single sign on. Click and then the choices of icon boxes will change. Click the one that's labeled,
SAML
.Click Edit in the Basic SAML Configuration tab and fill in theses fields:
Set
Identifier (Entity ID)
to$YOUR_LOGSCALE_URL/api/v1/saml/metadata
Set
Reply URL
to$YOUR_LOGSCALE_URL/api/v1/saml/acs
Leave
Sign on URL
andRelay State
blank.When you're done, click Save.
Click Edit under User Attributes & Claims. Then click on the first Required claim. Ensure that name identifier format is set to Email address.
To set up group synchronization, create a group claim by clicking Edit under User Attributes & Claims tab. Optionally, assign users by selecting Users and Groups. There you'll assign users or groups to your application.

Figure 217. Relay State
You finished configuring Azure AD to work with Humio. Now, you need to configure Humio to work with Azure AD.
To do this, you will need some information from the Azure AD configuration, which you can find by clicking on the View step-by-step instructions under Set up Humio.
You may also want to set the relay state. To do this,:
Go to Single Sign On tab in Azure AD.
Click Edit under Basic SAML Configuration (see screenshot here).
Paste the URL into the field under Relay State and Click Save when you're done.
Refer to the docs on Configure Humio for Self-Install and you can use the following examples to help you configure Humio on your own server:

Figure 218. Example Config
The last two fields must be set as follows. For copy/paste purposes, those values are:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
http://schemas.microsoft.com/ws/2008/06/identity/claims/groups
If the Let identity provider handle group
memberships in Humio
checkbox is selected, then users will
also need to align their Azure AD groups' Object ID with the Mapping
Name found under the External Provider tab for each
group in Humio.
Note that the “Object ID” from Azure AD has been copied into the “Mapping Name” field in Humio.

Figure 219. Mapping Name
To use SAML with Humio Cloud, go to the Identity Providers documentation page.
See the Azure Active Directory Documentation for more information on Azure AD.