Configuring Azure AD for SAML in RStudio Workbench
RStudio Workbench, formerly RStudio Server Pro, is a registered app with Azure.
Configure Application in Azure AD
Navigate to the Azure portal, go to Azure
In the left-hand menu, click App registration >
Enterprise Applications and then select All Applications.
To add new application, click New application.
In the Add from the gallery section, type "RStudio Server Pro SAML Authentication" in the search box.
From the results panel, select RStudio Server Pro SAML Authentication and then add the app. You may have to wait several seconds while the app is added to your tenant.
In the Azure portal, on the RStudio Server Pro SAML
Authentication application integration page, navigate to the Manage
section and select single sign-on.
On the Select a single sign-on method page, select SAML.
On the Set up single sign-on with SAML page, click the edit/pen
icon for Basic SAML Configuration to edit the settings.
On the Basic SAML Configuration section, if you wish to configure
the application in IDP initiated mode, enter the values for the
a. In the Identifier text box, type a URL using the following pattern:
b. In the Reply URL text box, type a URL using the following pattern:
Click Set additional URLs and perform the following step if you wish to configure the application in SP initiated mode:
In the Sign-on URL text box, type a URL using the following pattern:
On the Set up single sign-on with SAML page, in the SAML Signing Certificate section, click copy button to copy App Federation Metadata Url and save it on your computer.
Additionally, we recommend referencing the Azure documentation.
Configure RStudio Server Workbench
Update the RSW configuration file with the following:
Restart RSW by running the following:
sudo rstudio-server restart
Any user who has been given access via Azure AD and has been provisioned
on the RSW server, should now be able to log in. For the above configuration, the username
is the email address (converted to lowercase).