SAML with Entra ID

To configure Entra ID SAML for erwin Mart Portal authentication, follow these steps:

1. Log in to the Microsoft Entra admin center.

2. Click Applications > Enterprise applications.

   

3. Click New application and create your non-gallery application with an appropriate name.

4. Open your newly created application.

   

5. Click Set up single sign on.

   

6. Under single sign-on method, click SAML.

   

7. Click Upload metadata file and select the file that you downloaded (erwin Mart Portal Configuration > Authentication tab > Download SP Metadata) during erwin Mart Portal configuration.
   Doing this retrieves and adds the necessary information for you.

   

8. In the Attributes & Claims section, click Edit.

   

9. Click Add a group claim, and in the Group Claims pane, select Source attribute.

   You can configure the group attribute name, email, and display name values here. Email and display name values are optional.

10. Click Save and go back to the Set up Single Sign-On with SAML page.

    

Your selection appears as the first column in the downloaded CSV file when you download groups. You can also add email address and display name here.

11. Copy the App Federation Metadata URL.

12. Click Users and groups > Add user/group and select the required users or groups.

    

13. Click Select. Then, click Assign.

    Your SAML SSO setup for the required users is complete.

14. Depending on your Mart version, do one of the following:

    • For Mart Portal on-premises, on the erwin Mart Portal Configuration screen, click the Authentication tab, and then follow these steps:

      1. In the MetaData XML field, paste the URL copied in step 11.

      2. In the Group Attribute Name, User Email Attribute Name, and User Display Name Attribute Name fields, enter the values that are configured in step 9.

         

         The User Email Attribute Name and User Display Name Attribute Name fields are optional.

    • For Mart Portal on cloud, share the following details with the Mart Cloud Support team:

      • Metadata XML URL

      • Group Attribute Name

      • User Email Attribute Name

      • User Display Name Attribute Name

      Once the support team authenticates erwin Mart Portal for you, you can move to adding groups in erwin Mart Portal at https://<your_instance>.myerwin.com/MartPortal.

Adding Groups in erwin Mart Portal

To add your Entra ID SAML groups to erwin Mart Portal, follow these steps:

1. Create a CSV file in the following format: <group_attribute_value>,<group_display_name>.

2. Log in to the erwin Mart Portal as an administrator.

3. Go to Application Menu > Users.
   The Users page appears.

   

4. Click Add User.
   The Add User page appears.

   

5. Under User Type, select SAML Group

   

6. Drag and drop the CSV file that you created in step 1.

7. Under Group name, select the required group.

8. In the Email Address field, enter your email address.

9. Click Save.

The group has been added.