Azure SAML – Route4Me Entra ID SAML Azure Integration

Route4Me’s SAML SSO Integration enables you to log into Service Provider websites, such as Route4Me, with your existing user identity from your own website or app, such as Azure. Creating an app integration between Route4Me and Azure is a straightforward process. In this guide, you can learn how to create an Azure SAML integration with Route4Me, choose your preferred settings, and more. Additionally, you can learn how to set your preferred SSO (Single Sign-On) settings. Security Assertion Markup Language (SAML) Single Sign-On (SSO) Flow.

 

Table of Contents

 

Retrieve Service Provider Configuration Data

Service Provider configuration data is required to connect the Service Provider to the Identity Provider. This configuration includes details such as the Service Provider’s “entity_id“, SAML assertion consumer URL, and certificate.

To do so, first send a “GET” request to the Service Provider configuration endpoint (https://wh.route4me.com/modules/api/v5.0/saml/sp-config) like in the example below:

curl -X GET "https://wh.route4me.com/modules/api/v5.0/saml/sp-config" \
-H "Authorization: Bearer [YOUR_API_KEY]"

 

Then, you should receive the following expected response:

{
"entity_id": "https://sp.example.com",
"assertion_consumer_service_url": "https://sp.example.com/assertion-consume",
"x509_cert": "MIIDDzCCA...qrrMZbUU",
"metadata_url": "wh.route4me.com/modules/api/v5.0/saml/metadata",
}

In detail, the parameters in the response correspond to the following data:

  • entity_id: Unique identifier of the Service Provider.
    NOTE: You’ll need the “entity_id” for Entra ID (Azura) SAML configuration later.
  • assertion_consumer_service_url: Endpoint where SAML assertions will be sent by the Identity Provider.
    NOTE: You’ll need the “assertion_consumer_service_url” for Entra ID (Azura) SAML configuration later.
  • certificate (cert): Public certificate for encryption or validation.
  • metadata_url: Endpoint for downloading the Service Provider’s metadata XML.

 

Route4Me Azure Application Setup – Create Route4Me Enterprise Application On Microsoft Entra ID

To create a Route4Me Azure SAML integration, create a new application entry in Azure. To add a Route4Me Enterprise Application to your Azure SAML tenant, sign in to the Microsoft Entra admin center as at least a Cloud Application Administrator. Go to “Identity” from the Navigation Menu, select “Applications“, “Enterprise applications” and then, under the “Management” section, select “All applications“. On the “Enterprise applications” screen, click the “New Application” button.

To create a Route4Me Azure SAML integration, create a new Enterprise Application in Entra ID Azure.

 

Then, on the “Browse Microsoft Entra Gallery” screen, click the “Create your own application” button. This will open the “Create your own application” panel. Enter a name for your Route4Me Entra ID SAML Integration in the “What is the name of your app” field and click the “Create” button.

Enter a name for your Route4Me Entra ID SAML Integration in the What is the name of your app field and click the Create button.

 

Assign Users To Route4Me Azure SAML Enterprise Application

Once your Enterprise Application is created, its respective “Overview” window will open. There, you can view the respective “Application ID” and “Object ID“, as well as execute a variety of functions, such as assigning users and groups to the Enterprise Application. To do so, click the “Assign users and groups” button or go to the “Users and groups” tab from the “Manage” menu.

Once your Enterprise Application is created, its respective Overview window will open. There, you can view the Application ID and Object ID, as well as execute a variety of functions, such as assigning users and groups to the Enterprise Application.

 

This will take you to the “Users and groups” tab. There, click the “Add user/group” button to select which users and groups to add. Additionally, you can learn more about adding users and groups to Entra ID Azure. NOTE: If you need to use groups and pass them in the SAML response, your tenant needs to have Entra ID P1 or P2 licenses (formerly Azure Active Directory P1 or P2).

Add users and groups to Entra ID Azure SAML app to configure SSO settings.

 

Set Up Route4Me Azure SAML Entra ID SSO (Single Sign-On)

To set up SSO, click the “Get started” button under “Set up single sign on” in the overview window, or go to the “Single sign-on” tab from the “Manage” menu.

To set up SSO, click the Get started button under Set up single sign on in the overview window, or go to the Single sign-on tab from the Manage menu.

 

Then, on the “Select a single sign-on method” screen, select “SAML“.

To set up SSO, click the Get started button under Set up single sign on in the overview window, or go to the Single sign-on tab from the Manage menu.

 

After that, in the “Set up Single Sign-On with SAML” section, click the “Edit” button in the “Basic SAML Configuration” panel. Enter your entity_id in the “Identifier” field, for example, your domain name. Then, in the “Reply URL” field, enter your assertion_consumer_service_url.

NOTE: To ensure that SAML responses and assertions are signed in Entra ID (Azure AD), navigate to the “SAML Certificates” section in your Enterprise Application settings. Ensure that “Signing Option” is set to “Sign both Response and Assertion“.

Finally, click the “Save” button to save your basic SAML SSO settings.

in the Set up Single Sign-On with SAML section, click the Edit button in the Basic SAML Configuration panel to set your basic SAML SSO settings.

 

Once you’ve saved your settings, download the SAML Certificate in the Base 64 format by clicking “Download” next to it. Additionally, make note of the certificate expiration date, and whenever required, reissue it. Furthermore, Entra ID Azure will create the following entries for you in the SAML Blade: Login URL, Microsoft Entra Identifier, Logout URL. Record these values.

The information that needs to be shared with Route4Me to create an Entra ID Azure SAML Integration with SSO includes the following:

  • Identifier (Entity ID) from the Basic SAML Configuration settings
  • x509 Certificate (Base 64) downloaded from the Enterprise application SAML settings
  • Login URL
  • Microsoft Entra Identifier
  • Logout URL

Entra ID Azure will create the following entries for you in the SAML Blade: Login URL, Microsoft Entra Identifier, Logout URL. Record these values and download the SAML Certificate.

 

Azure Entra ID SAML SSO Integration Request Code Snippet

To set up Azure Entra ID SAML SSO Integration on the Route4Me side, you can use the following API request:

curl -X POST "https://wh.route4me.com/modules/api/v5.0/saml" \
-H "Authorization: Bearer [YOUR_API_KEY]" \
-H "Content-Type: application/json" \
-d '{
"entity_id": "https://idp.example.com",
"single_sign_on_service": "https://idp.example.com/login",
"x509_cert": "MIIDDzCCA...qrrMZbUU"
}'

 

To set up the Field Mapping, you can use the following API request:

curl -X POST "https://wh.route4me.com/modules/api/v5.0/saml/mapping" \
-H "Authorization: Bearer [YOUR_API_KEY]" \
-H "Content-Type: application/json" \
-d '{
"member_email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
"member_first_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
"member_last_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
}'

 

Was this article helpful?
Still can't find what you're looking for? Contact us

Recently Viewed Articles

You have not viewed other articles
Route4Me

About Route4Me

Route4Me has over 40,000 customers globally. Route4Me's Android and iPhone mobile apps have been downloaded over 2 million times since 2009. Extremely easy-to-use, Route4Me's apps create optimized routes, synchronize routes to mobile devices, enable communication with drivers and customers, offer turn-by-turn directions, delivery confirmation, and more. Behind the scenes, Route4Me's operational optimization platform combines high-performance algorithms with data science, machine learning, and big data to plan, optimize, and analyze routes of almost any size in real-time.