...

Create a SAML App in Azure AD

Navigate to the Azure portal (https://portal.azure.com/) using an Administrator account.

...

Info

Your RX URL is usually https://<company>.rx-cloud.com.
In this example the URL of the ResourceXpress server is https://app.rx.com.

The ACS URL is the same URL as above with /SsoConsumer added to the end.

...

Three new claims will need to be added; see the table below for the Name and Source attribute values required.

| Name      | Source attribute |
|-----------|------------------|
| email     | user.mail        |
| firstname | user.givenname   |
| lastname  | user.surname     |

Note

Do not include the full schema address
(i.e. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/<claimname>) in the name.

...

Info

The default claim names and their values can stay as is; there is no need to delete them.

RFID, Access Code & Other values (optional)

This requires Auto create user records from SSO to be enabled.

In addition to synchronising users' details, it is also possible to retrieve other attributes from the Azure Active Directory, which can be used to populate the Access Code, RFID, and other values in the ResourceXpress local user database.

To configure this you will need to add optional claims; see the table below for the details.

Claim Name

Source attribute

Information

rfid

optional

accesscode

optional

The RFID value as read by the ResourceXpress system, used for screen authentication.

accesscode

The user's Access Code/PIN, used for screen authentication.

defaultlocation

The ID number for the Location that the user will have default access to.

Info

This requires a single Location ID value.

To get the Location ID number, navigate to the location edit screen.

Administration Settings → System Settings → Locations

Then select the Edit button for the correct location.
You will find the ID number at the end of the page URL.
https://app.rx-cloud.com/Setting/Location?Id=1

viewonlylocation

A comma-separated list of Location ID numbers that the user has access to.
This user will only be able to view information for any resource in this location and will not have the ability to interact with bookings.

Info

If more than 1 location is required, separate the ID values with a comma (,).

To get the location ID number, navigate to the location edit screen.

Administration Settings → System Settings → Locations

Then select the Edit button for the correct location.
You will find the ID number at the end of the page URL.
https://app.rx-cloud.com/Setting/Location?Id=1

bookablelocation

A comma-separated list of Location ID numbers that the user has access to.
This user will be able to create and interact with bookings for any resource in this location.

Info

If more than 1 location is required, separate the ID values with a comma (,).

To get the location ID number, navigate to the location edit screen.

Administration Settings → System Settings → Locations

Then select the Edit button for the correct location.
You will find the ID number at the end of the page URL.
https://app.rx-cloud.com/Setting/Location?Id=1

dateformat

The date format for the user.

dd,MM,yyyy → (25,01,2021)
MM/dd/yyyy → (01/25/2021)

roles

A comma-separated list of Role ID numbers.

Info

If more than 1 role is required, separate the ID values with a comma (,).

The default role ID values are as follows:

Super Admin → 1
Server Admin → 2
User Admin → 3
User → 4
Messaging → 5
Reporting → 6
Location Admin → 7

To get the Role ID number for any custom Roles, navigate to the Role edit screen.

User Management → Roles

Then select the Edit button for the correct Role.
You will find the ID number at the end of the page URL.
https://app.rx-cloud.com/Roles/Create?Id=1

For more information on each of these values see the breakdown and description of each setting in our User Management guide → Create a New User.

Info

These values will be synced with the ResourceXpress database each time a user signs in to ResourceXpress via a browser.

Info

New in v2021.5 HF1

If no valid optional claim mappings exist, or the value is blank, ResourceXpress will fall back and use the value that has been entered manually via the RX Admin Dashboard.

To overwrite the database with a blank value, use either a zero (0) or a hyphen (-) for the Attribute.

If the attribute contains any value other than a zero (0) or a hyphen (-), this value will be written to the user account the next time the user signs in via SSO.

Once the required values have been added, click the X found in the top right of this section to return to the SSO configuration.
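
The claim rules above (short claim names, comma-separated ID lists, and the blank / 0 / - sync behaviour) can be checked against an assertion's attributes before rollout. This is an added example, not ResourceXpress or Microsoft code; the SAML 2.0 AttributeStatement layout, the sample values, the numeric-ID check and the flagging of admin role IDs as a review aid are assumptions, and `sync_action` and `audit` are hypothetical names.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
SCHEMA_PREFIX = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
REQUIRED = {"email", "firstname", "lastname"}
ID_CLAIMS = {"defaultlocation", "viewonlylocation", "bookablelocation", "roles"}
OPTIONAL = ID_CLAIMS | {"rfid", "accesscode", "dateformat"}
ADMIN_ROLES = {"1": "Super Admin", "2": "Server Admin", "3": "User Admin", "7": "Location Admin"}

# Constructed sample AttributeStatement (not captured from a real tenant).
SAMPLE = """<saml:AttributeStatement xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Attribute Name="email"><saml:AttributeValue>a.user@example.com</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="firstname"><saml:AttributeValue>A</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/lastname"><saml:AttributeValue>User</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="roles"><saml:AttributeValue>1,4</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="bookablelocation"><saml:AttributeValue>2, x</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="accesscode"><saml:AttributeValue>-</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="rfid"><saml:AttributeValue></saml:AttributeValue></saml:Attribute>
</saml:AttributeStatement>"""

def sync_action(value):
    """Sync rule stated on this page for an optional claim value."""
    v = (value or "").strip()
    if v == "":
        return "keep"   # blank: fall back to the manually entered value
    if v in ("0", "-"):
        return "clear"  # zero or hyphen: overwrite the database with a blank
    return "write"      # anything else is written at the next SSO sign-in

def audit(xml_text):
    """Return (findings, actions) for one SAML AttributeStatement."""
    findings, actions, seen = [], {}, set()
    for attr in ET.fromstring(xml_text).findall("saml:Attribute", NS):
        name = attr.get("Name", "")
        value = attr.findtext("saml:AttributeValue", default="", namespaces=NS) or ""
        if name.startswith(SCHEMA_PREFIX):  # page: do not use the full schema address
            findings.append(f"{name}: use short name '{name[len(SCHEMA_PREFIX):]}'")
            continue
        seen.add(name)
        if name in OPTIONAL:
            actions[name] = sync_action(value)
        if name in ID_CLAIMS and actions[name] == "write":
            ids = [p.strip() for p in value.split(",")]
            if not all(p.isdigit() for p in ids):  # assumption: IDs are plain integers
                findings.append(f"{name}: non-numeric ID in '{value}'")
            if name == "roles":  # review aid: admin roles granted from a directory attribute
                findings += [f"roles: grants {ADMIN_ROLES[i]} ({i})" for i in ids if i in ADMIN_ROLES]
    findings += [f"missing required claim: {n}" for n in sorted(REQUIRED - seen)]
    return findings, actions
```

Because these values are rewritten at every browser sign-in, whoever can edit the mapped directory attribute effectively controls the user's ResourceXpress roles and locations, which is why the `roles` finding is worth reviewing.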

...

Navigate to the SSO Settings tab, which can be found on the System Settings page under the Administration Settings menu.

...

Click Choose file alongside IDP Metadata.

...

Find the Federation Metadata XML file that was downloaded in the previous step, then click Upload.

...

When using SSO, by default all users will be granted the role of User.
This will allow them to view the Booking Manager page only. To allow users access to more features in ResourceXpress, they will need to exist as a user in the ResourceXpress local database.

Ticking the option Auto create user records from SSO will automatically add new users into the ResourceXpress user database when they sign in for the first time. This will then allow these users to be granted more access to the system, as well as assigning them RFID and Access Code values.

...

Welcome Email

When a user's account is auto-created in ResourceXpress, a Welcome email can be sent to them to confirm their account. Included in this email will be a randomly generated password that can be used for the upcoming mobile app.

...

To enable the Welcome Email, tick the Send Welcome Email box.

...

Sync user details

Info

This option has been added in v1.5.1

...

Once all the above steps have been completed, click the Save button.

Any user that has been added to the allowed users list for the SAML application in Azure Active Directory will be able to sign in to your ResourceXpress site.

...