fbpx
Select Page

If you have Azure Directory set up for your company, you can use it to authenticate users in Sigma.

To set up Sigma as an enterprise application in Azure directory, you’ll need the following URLs

Identifier: https://api.staging.sigmacomputing.io/api/v2/saml2/2/metadata.xml

Reply URL: https://api.staging.sigmacomputing.io/api/v2/saml2/assert

Read on for step by step directions on how to set up Azure Directory for Sigma.

Step 1: Register Sigma as an Enterprise Application

Log on to Azure as Global Administrator and navigate to the Enterprise Applications (Can be found in sidebar or via search bar) and click “+New application”. You’ll be taken to the following screen:

Select Non-Gallery application and give your Application a name like “Sigma Computing.” Then click “Add”

Select the “Single sign-on” menu and choose “SAML” for the sign-on method

On this page we’ll configure SAML to work with Sigma. Start with Box 1, “Basic SAML Configuration”

Enter the Identifier: https://api.staging.sigmacomputing.io/api/v2/saml2/2/metadata.xml

Enter the Reply URL: https://api.staging.sigmacomputing.io/api/v2/saml2/assert

Then click “Save”

Select Box 2, “User Attributes & Claims”.

  • Delete all existing claims except for the “user.principalname” claim.
  • Click the user.principalname claim to modify it. Change the Source Attribute from “user.principalname” to “user.mail”. Click Save
  • Click “Add new claim”. For Name enter “firstName” and for the Source Attribute select “user.givenname from the dropdown. Click Save
  • Click “Add new claim”. For Name enter “lastName” and for the Source Attribute select “user.surname”. Click Save

When you’re done you should have three claims that look like this:

From the “SAML Signing Certificate, click the “Download” button next to “Certificate (Base64)”. We’ll use this information later to enter into Sigma.

From Box 4, Click the copy button next to the URL for “Login URL” and save it locally. We’ll enter this information into Sigma later.

Step 2: Add Users and Groups to the Sigma Application

Add the Users and Groups to the application that you would like to have access to Sigma

Step 3: Configure Sigma

As Sigma Admin, logon to Sigma and go into the Settings menu. Click the Organization tab and click “Advanced Settings”

Enter Azure AD authentication info:

Under Authentication select “SAML”.

Under Identity Provider Login URL, enter the “Login URL” (You should have obtained this when registering Sigma as an application in Azure Directory)

In the “Identity Provider X509 certificate” box, enter the base64 certificate (Certificate downloaded when registering Sigma as an application. You will need to open the certificate with a text editor and enter that text into the box.)

You’re done! To test, log out of Sigma and try logging back in via the “Log in with SAML” option

We are rewriting the rules of analytics. Sigma empowers domain experts to join the data conversation, answer the toughest questions, and drive insights.