Skip to main content

Prerequisites

  • Ensure that you have a Vantage tenant identifier before configuring identities. To get a tenant identifier, click Configuration in ABBYY Vantage. The identifier is on the General tab.
  • Create a Redirect URI to receive the authentication responses. The URI is:
    https://<your-vantage-url>/auth2/Saml2/Acs
  • Create an application registration (see the instructions below). Registering your application establishes a trust relationship between your application and the External Identity Provider.

Creating the Application

To create the application, follow these steps:
  1. Open Azure Portal and undergo authentication. In the pane on the left, select Azure Active Directory.
  2. In the pane on the right, select App registrations and click New registration.
Azure AD App Registrations
  1. Fill in the required fields:
    • a. Specify a name.
    • b. Select Accounts in this organizational directory only.
    • c. Specify a URI for each Vantage URL that should be able to authenticate using this account: https://<your-vantage-url>/auth2/Saml2/Acs
Application Registration Form
  1. Click Register.
Next, set up Azure Active Directory to be used as an External Identity Provider.

Setup

To set up Azure Active Directory, follow these steps:
  1. In the Expose an API tab, change the Application ID URI to api://platform.abbyy.cloud/{tenantId}, where tenantId is the Vantage tenant identifier in GUID format without hyphens (for example, 117489fc1aea41658369d4d18d6557ga).
Expose an API
  1. Select the Overview tab and click Endpoints. Copy the value of the Federation metadata document field.
Endpoints and Federation Metadata

Next Steps

Set up authentication via a SAML 2.0 External Identity Provider for your tenant in Vantage, which requires link to the Federation metadata document from step 2. For more information, see Setting up an External Identity Provider for a tenant.