Creating / Configuring a Microsoft Azure AD Application

Document created by user.oxriBaJeN4 Employee on Jun 4, 2019. Last modified by user.oxriBaJeN4 Employee on Jun 4, 2019.
Version 6

Various Mimecast applications can be configured to integrate with Microsoft Azure AD to perform various functions (e.g. Single Sign On). These include:

  • Mimecast Administration Console
  • Mimecast Personal Portal
  • Mimecast End User Applications (e.g. Mimecast for Mac, Mimecast Mobile).

 

Integrating these Mimecast applications with Azure AD requires an application to be created. This guide describes how to create / configure these applications, and the benefits of doing so.

 

Benefits

 

With an Azure AD application, you can:

  • Control in Azure AD who has access to the Mimecast application.
  • Enable your users to be automatically signed-in to the Mimecast application (Single Sign-On) with their Azure AD accounts.
  • Manage your accounts in the Azure portal.

 

Configuring / Creating an Azure AD Application

 

An Azure AD application must exist to accept service provider initiated SAML requests from us. If you've previously done this for another Mimecast application:

  1. Copy the Metadata URL from the previous setting.
  2. Use it on the new application.
  3. Import the certificate.

 

Creating an Application

If you haven't created an Azure AD application:

  1. Log on to the Azure Portal.
  2. Select Azure Active Directory from the navigation panel.
  3. Select App Registrations.
  4. Click on the New Registration button.
  5. Complete the Register an Application dialog as follows:
    • Name: Specify a name for the application that accurately describes its use (e.g. Mimecast Personal Portal, Mimecast Administration Console, or Mimecast End User Applications).
    • Supported Account Types: Select the "Accounts in this organizational directory only" option.
    • Redirect URL: Select the "Web" option and specify "https://xx-api.mimecast.com/login/saml", where "xx" is your location code (for example, "eu" for Europe, "us" for United States, "za" for South Africa, "au" for Australia, or "jer" for Offshore).
  6. Click on the Register button.
  7. Click on the Endpoints button.
  8. Make a note of the Federation Metadata Document value as this is used when configuring your Mimecast settings.

 

Adding Your Application to the Azure My Apps Portal

 

If you create an application in Microsoft Azure, you can optionally publish it to the Azure My Apps portal. 

 

Microsoft themselves have created an application to use with the Mimecast Personal Portal and Mimecast Administration Console in the Azure My Apps portal. Whilst these may be useful, Mimecast takes no responsibility for issues that may result from using them. See the following guides in the Microsoft Azure documentation for further details:

 

To optionally add your application to the Azure AD My Apps portal:

  1. Log on to the Microsoft Azure Management Portal.
  2. Navigate to your Active Directory.
  3. Select the Application you have created.
  4. Set the Sign-On URL value to "https://login-xx.mimecast.com/m/portal" where:
    • "xx" is your location code ("uk" for Europe (excluding Germany), "de" for Germany, "us" for United States, "za" for South Africa, "au" for Australia, or "webmail" for Offshore).
  5. Select Save.

 
