Azure AD Authentication for FireHydrant Status Pages

With FireHydrant's status pages, you have the option of locking them behind your SSO provider so that only employees or other organization members can access them.

Prerequisite: You'll first want to configure the status page by creating it and then setting up the CNAME records. Once the page is created and accessible, you can start working through these instructions to lock it behind authentication.

Note: We currently only support SAML 2.0 for SSO-authenticated status pages. In addition, this limits access to anyone in your organization who can login via SSO and is not limited to only users with FireHydrant licenses.

Azure Active Directory SAML

1. Create SAML app

1. While signed in to Azure Active directory, go to Application > Enterprise Applications.
2. Click New Application at the top.
3. Click Create your own application.
4. Set a name for your app (we recommend Internal Status Page) and select Integrate any other application you don’t find in the gallery (Non-gallery) and click Create.

2. SAML Configuration

1. Once the app is created, go to Single Sign-On and select SAML.
2. Click Edit for Basic SAML Configuration and enter your information using the table below as a reference, where <custom domain> is the custom domain for your status page.

You will need this file in a later step.

3. Under Attributes & Claims, ensure that you have at least one claim that is mapped to a value representing the user’s email address. This is how authenticated users will be identified.
   • In this example, we have emailaddress mapped to the user.userprincipalname property since that is how this tenant stores email addresses:

3. Submit metadata to FireHydrant

Under SAML Certificates, download the Federation Metadata XML file and upload it when opening a support ticket with FireHydrant.

Your support representative will complete the setup with you from there.

Next Steps

• Learn how to use your new FireHydrant statuspage.