Several Mimecast applications can be configured to integrate with Microsoft Azure AD to perform functions such as Single Sign On. These include:
- Mimecast Administration Console
- Mimecast Personal Portal
- Mimecast End User Applications (e.g. Mimecast for Mac, Mimecast Mobile).
Integrating these Mimecast applications with Azure AD requires an Azure AD application to be created. This guide describes how to create and configure these applications, and the benefits of doing so.
With an Azure AD application, you can:
- Control in Azure AD who has access to the Mimecast application.
- Enable your users to be automatically signed-in to the Mimecast application (Single Sign-On) with their Azure AD accounts.
- Manage your accounts in the Azure portal.
Configuring / Creating an Azure AD Application
An Azure AD application must exist to accept service provider initiated SAML requests from us. If you've previously done this for another Mimecast application:
- Copy the Metadata URL from the previous setting.
- Use it on the new application.
- Import the certificate.
- Log on to the Azure Portal.
- Select Azure Active Directory from the navigation panel.
- Select App Registrations.
- Click on the New Registration button.
- Complete the Register an Application dialog as follows:
  - Name: Specify a name for the application that accurately describes its use (e.g. Mimecast Personal Portal, Mimecast Administration Console, Mimecast End User Applications).
  - Supported Account Types: Select the "Accounts in this organizational directory only" option.
  - Redirect URL: Select the "Web" option and specify "https://xx-api.mimecast.com/login/saml", where "xx" is your location code (for example, "eu" for Europe, "us" for United States, "za" for South Africa, "au" for Australia, or "jer" for Offshore).
- Click on the Register button.
- Click on the Endpoints button.
- Make a note of the Federation Metadata Document value as this is used when configuring your Mimecast settings.
Adding Your Application to the Azure My Apps Portal
To optionally add your application to the Azure AD My Apps portal:
- Log on to the Microsoft Azure Management Portal.
- Navigate to your Active Directory.
- Select the Application you have created.
- Set the Sign-On URL value to "https://login-xx.mimecast.com/m/portal" where:
  - "xx" is your location code ("uk" for Europe (excluding Germany), "de" for Germany, "us" for United States, "za" for South Africa, "au" for Australia, or "webmail" for Offshore).
- Select Save.