Configure SingleStore SSO using Azure AD

Overview

These instructions describe how to configure single sign-on (SSO) for Azure AD for use with SingleStore Managed Service. To log into SingleStore, go to http://portal.singlestore.com.

Note: You may click on image to display its full size.

Configure Azure AD

  1. From the Azure AD Overview page, click Enterprise Applications in the left nav.

  2. Under All Applications, click + New Application.

    sso-azure-ad-01.png
  3. Under Browse Azure AD Gallery, click + Create your own application.

    sso-azure-ad-02.png
  4. In the Create your own application form:

    1. In the What’s the name of your app? field, enter the name of the application (SingleStore).

    2. Select the Integrate any other application you don’t find in the gallery (Non-gallery) radio button.

    3. Click Create.

    sso-azure-ad-03.png
  5. Under Getting Started, click 2. Set up single sign on.

    sso-azure-ad-04.png
  6. Under Select a single sign-on method, click SAML.

    sso-azure-ad-05.png
  7. In the Basic SAML Configuration panel, click Edit.

    sso-azure-ad-06.png
  8. In the Basic SAML Configuration form:

    1. In the Identifier (Entity ID) field, enter:

      https://auth.singlestore.com/auth/realms/memsql

      Mark this connection as the default and delete any pre-existing values (e.g., http://applicationregistry.onmicrosoft.com/customsso/primary)

    2. In the Reply URL (Assertion Consumer Service URL) field, enter:

      https://auth.singlestore.com/auth/realms/memsql/broker/YOUR-DOMAIN-NAME/endpoint

      Replace YOUR-DOMAIN-NAME with the domain name you’ll be using to sign on.

    3. Click Save and click X to exit.

    sso-azure-ad-07.png
  9. In the Test single sign-on dialog, click No, I’ll test later.

  10. In the SAML Signing Certificate panel, click Download next to Federation Metadata XML.

    Provide this file to SingleStore by opening a support request and attaching this file to the request. Include the domain name you’ll be using to sign on with (email@domain).

    sso-azure-ad-08.png
  11. Assign Azure AD users to this new SingleStore application. Don’t forget this step!

    sso-azure-ad-09.png
  12. SingleStore will contact you when Managed Service has been configured to use SSO for your organization’s Azure AD users.

  13. Log in by going to https://portal.singlestore.com, click Single Sign-On, enter your email address, and click Continue.