Faddom

Faddom allows you to setup user authentication from any IdP using SAML/SSO authentication. To do this, you can follow the below guide, which is based on Azure EntraID. The process for other IdPs are similar and the fields required are identical for all. If you have any issues, please contact <a href="mailto:support@faddom.com" rel="nofollow noopener noreferrer" target="_blank">support@faddom.com</a>.

To set this up, first navigate, in Faddom, to Settings &gt; Access Control &gt; Identity Providers will be presented with this page. ​

The Name is the display name in the Faddom UI, and is especially useful is you need to configutre multiple IdPs.

To set this up in Azure, you need to do the following - 

Create an Enterprise App Registration. If you are mapping an Azure environment, this is different to the App Registration needed for Azure discovery. ​

Select Create your own application. You will see the below popup and you enter the name of the Application - we recommend Faddom - and select the third option ​

Once the app is generated, open it up if it doesn't do so automatically and select Single Sign On &gt; SAML ​

Click on Edit in the Basic SAML Configuration, set the SP Entity ID in your provider, then copy the value and paste it into Faddom. ​

Copy the ReplyURL field from Faddom and paste it into the provider section ​

Copy the metadata URL or download the file to enter into Faddom ​Note: To use the metadata URL Faddom needs direct access to the URL provided. If it does not have this, please use the file from your IdP. ​

Copy the Login URL and IdP Identifier (in this example it is the Microsoft Entra Identifier) and paste the two values into the relevant field in Faddom

To allow the application to work, you need to assign a group. To do this click on Add Users and Groups

Assign user account to an application in your Microsoft Entra tenant.

Select one or more users or groups from the list by clicking them. The ones you select are listed under Selected items.

Click Select. The number of users and groups selected are shown on the Add Assignment page then click Assign

Next, a Group Claim needs to be created for the Application. To do this click on Edit on Attributes &amp; Claims

Click Add a group claim and select Groups assigned to the application ​

1. In Source Attributes select sAMAccountName 
2. Select the checkbox for Emit Group name for cloud-only...
3. Select Advance Options 
4. Select Customized the name of the group claim
5. Type the name of the attribute name faddom.roles or your chosen name
6. Save ​

Click on the Source Attribute dropdown menu, and then select the Group Name option. ​

You can then follow our guide <a href="https://support.faddom.com/en/articles/9428898-how-to-setup-user-access">How to Setup User Access</a> to setup the roles in Faddom to match a role in Azure to provide users with the permissions to access Faddom

1. Create an Enterprise App Registration. If you are mapping an Azure environment, this is different to the App Registration needed for Azure discovery. ​
2. Select Create your own application. You will see the below popup and you enter the name of the Application - we recommend Faddom - and select the third option ​
 
 
3. Once the app is generated, open it up if it doesn't do so automatically and select Single Sign On &gt; SAML ​
 
 
4. Click on Edit in the Basic SAML Configuration, set the SP Entity ID in your provider, then copy the value and paste it into Faddom. ​
5. Copy the ReplyURL field from Faddom and paste it into the provider section ​
 
 
6. Copy the metadata URL or download the file to enter into Faddom ​Note: To use the metadata URL Faddom needs direct access to the URL provided. If it does not have this, please use the file from your IdP. ​
 
 ​
7. Copy the Login URL and IdP Identifier (in this example it is the Microsoft Entra Identifier) and paste the two values into the relevant field in Faddom
 
 
8. To allow the application to work, you need to assign a group. To do this click on Add Users and Groups
 Assign user account to an application in your Microsoft Entra tenant.
 
9. Select one or more users or groups from the list by clicking them. The ones you select are listed under Selected items.
 
 
10. Click Select. The number of users and groups selected are shown on the Add Assignment page then click Assign
 
 
11. Next, a Group Claim needs to be created for the Application. To do this click on Edit on Attributes &amp; Claims
 
 
12. Click Add a group claim and select Groups assigned to the application ​
 
 
 1. In Source Attributes select sAMAccountName 
 2. Select the checkbox for Emit Group name for cloud-only...
 3. Select Advance Options 
 4. Select Customized the name of the group claim
 5. Type the name of the attribute name faddom.roles or your chosen name
 6. Save ​ 
13. Click on the Source Attribute dropdown menu, and then select the Group Name option. ​
14. Click on Save ​
15. You can then follow our guide <a href="https://support.faddom.com/en/articles/9428898-how-to-setup-user-access">How to Setup User Access</a> to setup the roles in Faddom to match a role in Azure to provide users with the permissions to access Faddom