Integrate Fluid with your SAML 2.0 IDP 

The instructions will link an Enterprise Application created in Azure with your Fluid instance. This will authenticate your Fluid logins against the Azure however they will also work with SAML services such as Google Workspaces and Ping. 

Please follow the instructions below to setup SAML. 

1. In the Azure Portal (portal.azure.com) search for “Enterprise Application”. Select “Enterprise Applications” and click “New Application”.
2. In the top left of the "New Application" page click "Create your own application"
   
3. Enter the name of your application. For example “Fluid”.
4. Select the radio option "Integrate any application you don't find in the gallery (Non-gallery)".
   
   
5. Click "Create".
   
   
6. Select "Single sign-on" from the menu on the left.
   
   
7. Select "SAML"
8. In section one of the page click "Edit"
9. 
10. Click on "Add identifier", enter the URL of your Fluid instance. E.g. https://domain.fluid.work”. (This should be the same link that you use to access Fluid.)
    
    
11. Click on "Add reply URL", this should be the "Identifier (Enity ID)" url with the extra path of AuthServices/Acs Eg.  https://domain.fluid.work/AuthServices/Acs”
    
    
12. 
13. Click Save, once the save has completed, then click "X" at the top right to close the dialog
    
    
14. Within your Fluid instance, click the “Administration Console” from the top right drop down menu. Then click “Authentication Providers”.
    
    
15. Turn “Allow Saml Authentication” to “Yes”.
    
    
16. Click “Add Provider” to add the App Registration that you created using the Azure Portal.
    
    
17. Choose “Office 365” from the dropdown.
    
    
18. Type a friendly name such as “Office 365” in the Name field.
    
    
19. For App Entity Id, use the Identifier (Entity ID) that you created in step 12. This is the Fluid instance URL with no trailing slashes. 
    
    
20. You will need to get the IDP information from Azure. Goto section 3 of the SAML configuration page as seen in step7, click on the "Federation Metadata XML" download link
    
    
    
    
21. Click on the downloaded xml file to open in the browser. The first line will contain the Entity Id. Copy this value to your clipboard
    
    
    
    
22. Paste it into the Entity Id field in Fluid. IMPORTANT NOTE: the trailing "/" that is part of the Entity ID is required as part of the string, eg. "https://sts.windows.net/xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx/"
    
    
23. For the Federation metadata url, you will again need to go to section 3 of the SAML configuration page as seen in step7, find the "App Federation Metadata Url" and click on the copy to clipboard icon.
    
    
    
    
24. Paste the copied clipboard url into the Metadata URL textbox.
25. Click Save
    
    
26. Click “Save And Apply Settings” to save the changes and restart the Fluid Application with the new settings. Note: This button also restarts the website and can take a few minutes. During this time users will not be able to access the Fluid instance.
    
    
    
    
27. Log out of Fluid, on Login you will see the following option:
    
    
28. Click “Sign in with….” To sign into your account using Azure AD SSO. Fluid will automatically link your SSO account as defined by your email address to your configured SSO provider for authentication.
    
    
29. Congratulations you have successfully setup Azure AD SSO on your Fluid instance. For any further help please contact support and they will gladly assist you.