MEX 16 -SSO Setup Guide - Microsoft Entra

Setting Up Azure SSO – Creating the Enterprise App

1. Visit the Microsoft Entra admin website: https://entra.microsoft.com
2. On the top-middle navigation bar, search 'Enterprise Applications', then click on the 'Enterprise applications' search result.

3. Click on the 'New Application' button.

4. Creating the application

• Set a name for the SSO application, for example 'MEX SSO'.
• Don't change the default option 'Non-gallery'.
• Click the bottom 'Create' button.

5. On the left-sidebar click 'Single sign-on'. On the 'Select a single sign-on method' page, click the 'SAML' button.

Setting Up Azure SSO – Apply SSO SAML Settings

1. On the 'Set up Single Sign-On with SAML' page, under the section 1 'Basic SAML Configuration' section, click the top-right 'Edit' button.

2. This will pop-up a right-sidebar menu titled 'Basic SAML Configuration'.

• Under 'Identifier (Entity ID)', click the 'Add Identifier' text. Set the 'Identifier (Entity ID)' to:
  https://YourWebsiteName.mexcmms.com/
   
• Under 'Reply URL (Assertion Consumer Service URL)', click the 'Add Reply URL' text. Set the 'Reply URL (Assertion Consumer Service URL)' to:
  https://YourWebsiteName.mexcmms.com/SAML/AssertionConsumerService
   
• Set the 'Relay State (Optional)' to:
  https://YourWebsiteName.mexcmms.com/
   
• If your hosted MEX URL address is for example: 'https://SimpleSolutions.mexcmms.com/' the name would be 'SimpleSolutions'. For the last 3 steps above, replace the text 'YourWebsiteName' with your website name with: 'SimpleSolutions'.

Click the top 'Save' button to save the changes.

3. Back on the 'Set up Single Sign-On with SAML' page, scroll down to section 3 'SAML Certificate'.

There are two options available:

• Send MEX your Federation Metadata URL
• Download the certificate and send the required information manually

Option 1: Send the Federation Metadata URL

To provide the Federation Metadata URL, follow these steps:

• Copy the ‘App Federation Metadata Url’ value
• Email it to support@mex.com.au (note your MEX hosted website address e.g. 'https://SimpleSolutions.mexcmms.com/')
• MEX will contact you to confirm once everything has been set up

Option 2: Manually send the certificate and configuration details

To manually provide the required information, follow these steps:

1. Click the “Download” button next to “Certificate (Base64)”
2. This will download the certificate file 
    
   

Because the MEX email provider blocks .cer files, you will need to rename the file  before  sending it. For example, rename “MEX SSO.cer” to “MEX SSO.txt”. Changing the  extension to .txt will allow the file to be delivered successfully.

1. You will need to copy URL addresses from the Microsoft Entra page. Under section 4 'Set up MEX SSO'. 
    
2. Email 'support@mex.com.au’ , attach the certificate file e.g. 'MEX SSO.txt' and on the email note your MEX hosted website address e.g. 'https://SimpleSolutions.mexcmms.com/'. 
    
3. You will also need to copy the relevant URL values from the Microsoft Entra page under Section 4: “Set up MEX SSO.” These URLs are the ‘Login URL’ and ‘Logout URL.’

 
MEX will contact you to confirm once everything has been set up