Testing Your Single Sign-On Connection

Pivotal Web Services End of Availability Announced
For more information, see Frequently Asked Questions.

This topic describes how a Pivotal Web Services (PWS) plan administrator can test the OpenID Connect (OIDC) connection between the Single Sign-On (SSO) service and Azure Active Directory (Azure AD).

You can test your identity provider integration by deploying the Single Sign-On Service Sample Applications.

Follow the steps below to test your Single Sign-On connection.

  1. Log in to Apps Manager at https://console.run.pivotal.io and navigate to the org and space where your app is located.

  2. Under Services, locate the service instance of the SSO plan bound to your app.

    Azure oidc instance

  3. Select the service instance and click Manage.

    Azure oidc manage instance

  4. Under the Apps tab, select your app.

    Azure oidc app

  5. Under Identity Providers, select the Azure AD identity provider. Remove any other identity providers.

    Azure oidc app idp

  6. Return to Apps Manager and click the URL listed below your app to access your app.

    Azure oidc app url

  7. Navigate to your login. You will be redirected to the identity provider to authenticate.

    Azure oidc app prompt

  8. On the identity provider sign-in page, enter your credentials and sign in.

    Azure oidc login

  9. If the app prompts for authorization to the necessary scopes, click Accept.

    Azure oidc accept

  10. If you are now logged into your app, your Azure AD OIDC to SSO connection works.

    Azure oidc confirm