Depending on your use case, Verkada Command has the ability to integrate with Azure Active Directory (AD), amongst other Identify Providers [IdPs], in the following capacities:
Security Assertion Markup Language (SAML)
System for Cross-Domain Identity Management (SCIM)
SAML handles the authentication side of things allowing Azure AD to be used to manage access to Command, the same as any other Software as a Service (SaaS) application already integrates into your Azure AD tenant. This means that you can incorporate Command into your existing identity framework and authorize users based on your current policies.
SCIM allows you to leverage your existing users and groups already present in Azure AD and synchronize these with Command. This allows you to retain the current central IdP, and configure permissions in Command using your existing users and groups.
Set up SAML in Azure AD
Verkada Command is registered as a gallery application and can be found within the Azure AD marketplace; in other words, you can leverage it with Azure AD Free, Azure AD P1, and Azure AD P2 licenses.
Add Verkada Command as an enterprise application in your Azure AD directory: Go to your Azure AD overview page and select Enterprise applications.
At the top of the page, select New Application and search for Verkada Command.
Select Verkada Command and click Create. Be patient as it can take a few minutes to add the application to your Azure AD tenant.
Once the page refreshes, you should see a similar menu (as shown below).
On Set up single sign-on, click Get started.
Choose SAML as the single sign-on method.
If necessary, click Edit to further configure your SAML connection.
Configure the following fields. You need to add your client ID to the end of each URL before adding them to Azure. See example below the note.
On Attributes & Claims, click Edit to be consistent with these attributes:
On SAML Signing Certificate, import this Federation Metadata XML into Command.
Click Download to save for later.
The next dialogs that appear contain tools that you can use after the integration has been finalized.
Upload your Federation Metadata XML in Command
After you have completed the steps in Azure and downloaded the metadata, upload the XML metadata file in Command.
Test the SAML Connection in Azure AD
Once the file is uploaded, in your Azure AD, click Test to test the integration. A notification will be sent to all users who have a Command account (invitation to org).
Log in with Sign in as current user. If everything is set up correctly, you should be redirected to the Command platform.
Log in with single-sign on to verify access to Command.
Log in via the mobile application
In the email address field, enter your email and click Next. You should be redirected to your IdP (Azure AD) to complete the login process.
Visit the Verkada Training Center for bite-sized video tutorials on how to accomplish role-based tasks in Command.
Need more help? Contact Verkada Support