Creating a PrecisionLender application within Azure Active Directory to support Single Sign-On

If you'd like to set up PrecisionLender authentication via Microsoft Azure Active Directory, you will first need to create a new Enterprise Application within your Azure AD.

  1. Log in to your Azure Portal ( https://portal.azure.com ), navigate to your Azure Active Directory, and then click on Enterprise Applications.

  2. Click on New application and choose Non-gallery application.

  3. Enter a name for the application, such as PrecisionLender.

  4. If you'd like any AD user to be able to attempt a login regardless of assignment within your AD, go to the Properties tab and change User assignments required to No. Note that users will still need an active user account within PrecisionLender to actually log in to the system. This option only allows them to get past your AD in the SSO login process.
  5. Go to the Single sign-on tab for your application and choose the SAML option.
  6. You will be required to enter the following two values in order to save your configuration:
    1. Identifier (Entity ID): PingConnect
    2. Reply URL (ACS URL): https://sso.connect.pingidentity.com/sso/sp/ACS.saml2
  7. Save your configuration. If prompted to Validate, choose No, I'll validate later.

  8. On the Single sign-on tab, download the Federation Metadata XML file to your local computer. You will then need to provide this file to the PrecisionLender support team in order for us to complete your SAML setup.