Azure Active Directory
Azure AD is Microsoft's enterprise cloud-based identity and access management (IAM) solution. It can be used to access your Humio repositories.
Figure 204. Azure Active Directory
To integrate Azure AD with Humio, you'll need to create an app in Azure Active Directory.
First sign in to the Azure portal. Then open Enterprise Applications and click New application.
Click Create your own application. The result will be a pop-up box link the one here:
Azure Active Directory
Figure 205. Azure Active Directory
Enter a name for the app, such as Humio. Choose Integrate any other application you don't find in the gallery and click Create.
Now you'll see a screen about creating the app. There will some large icon boxes, one of which reads, Set up single sign on. Click and then the choices of icon boxes will change. Click the one that's labeled,
Click Edit in the Basic SAML Configuration tab and fill in theses fields:
Identifier (Entity ID)to
Sign on URLand
When you're done, click Save.
Click Edit under User Attributes & Claims. Then click on the first Required claim. Ensure that name identifier format is set to Email address.
To set up group synchronization, create a group claim by clicking Edit under User Attributes & Claims tab. Optionally, assign users by selecting Users and Groups. There you'll assign users or groups to your application.
Figure 206. Relay State
You finished configuring Azure AD to work with Humio. Now, you need to configure Humio to work with Azure AD.
To do this, you will need some information from the Azure AD configuration, which you can find by clicking on the View step-by-step instructions under Set up Humio.
You may also want to set the relay state. To do this,:
Go to Single Sign On tab in Azure AD.
Click Edit under Basic SAML Configuration (see screenshot here).
Paste the URL into the field under Relay State and Click Save when you're done.
Refer to the docs on Configure Humio for Self-Install and you can use the following examples to help you configure Humio on your own server:
Figure 207. Example Config
The last two fields must be set as follows. For copy/paste purposes, those values are:
Let identity provider handle group memberships in
Humio checkbox is selected, then users will also need to align
their Azure AD groups' Object ID with the Mapping Name found under the
External Provider tab for each group in Humio.
Note that the “Object ID” from Azure AD has been copied into the “Mapping Name” field in Humio.
Figure 208. Mapping Name
To use SAML with Humio Cloud, go to the Identity Providers documentation page.
See the Azure Active Directory Documentation for more information on Azure AD.