AutomationEdge SSO Login Configuration with Azure AD (SAML 2.0)

AutomationEdge SSO Login Configuration with Azure AD (SAML 2.0)

1. Prerequisites

  1. Admin access to Azure AD and AutomationEdge (AE).
  2. AE should be accessible over HTTP/HTTPS (e.g., http://aeserver:8080/aeui).

2. Create Azure AD Enterprise Application
1. Log in to Azure Portal.
2. Navigate to Azure Active Directory ® Enterprise Applications ® + New Application.
3. Select Create your own application.
4. Name it AutomationEdge-SAML-App.
5. Choose Integrate any other application you don’t find in the gallery (Non-gallery app) ®
Create.


3. Configure Basic SAML Settings
Field                               Value
Identifier (Entity ID)       automationEdge-saml-app
Reply URL (ACS)             https://aeserver/aeui/index.jsp
Sign on URL                    https://aeserver/aeui/index.jsp
Relay State                      (Optional)
Logout URL                     (Optional)

Replace aeserver with your AE server hostname or IP address. Click Save.


4. Configure User Attributes & Claims
Claim Name                                           Value
emailaddress                                           user.mail
name                                                        user.userprincipalname
orgCode                                                 <Your Organization Code> (e.g., PRAKASH)
username                                                user.userprincipalname (unique name)
lastName                                                 user.surname
firstName                                                 user.givenname
Unique User Identifier (Name ID)          user.userprincipalname

Ensure all attributes exist for assigned users. Click Save.


5. Assign Users to the Azure App
Navigate: Users and Groups ® Add user/group ® Select required users ® Assign.


6. Get Azure SSO URLs
Azure Field                                               Use in AE
Identity Provider Single Sign-On URL   AE Single Sign-On URL
Identity Provider Single Logout URL      AE Single Logout URL
Certificate (Base64) Import into             AE keystore if required


7. Create Keystore (.jks) File in PKCS12 Format
keytool -genkeypair -alias myserver -keyalg RSA -keysize 2048 -validity 365 -keystore mykeystore.jks -storetype JKS -storepass changeit -keypass changeit -dname "CN=localhost, OU=Dev, O=MyCompany, L=MyCity, ST=MyState, C=IN"



8. Configure SSO in AutomationEdge

Field                                     Example / Source
Protocol                                     SAML 2.0
Client ID / SP Issuer             http://aeserver:8080/aeui/index.jsp
Keystore                                 Select the generated .jks file
Keystore Alias                            aealias
Keystore Password             (as set above)
Single Sign-On URL             Paste from Azure
Single Logout URL               Paste from Azure
Redirect URI                         https://aeserver/aeui/index.jsp
Logout Redirect URI             https://aeserver/aeui/logout.jsp

Click Save.

9. Update AE UI Configuration
Open: /aeui/WEB-INF/web.xml
Comment out POST if present.
Save and restart AE services.

10. Create SSO User in AE
Field                              Value
User Type                   SSO User
Username                  Same as Azure user.userprincipalname
IDP Username          Same as Azure user.userprincipalname
Role                           ROLE_TENANT_USER
OrgCode                   As defined in Azure Claim

Click Create.

11. Test the SSO Login
1. Open AE portal: https://aeserver/aeui
2. Click Sign In with SSO ® Enter Organization Code
3. Login with Azure AD credentials

You will be redirected to the AutomationEdge Home Page confirming successful SSO login via
Azure AD (SAML 2.0).


      Links to better reach 

            Bot Store

             EPD