Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.abbyy.com/llms.txt

Use this file to discover all available pages before exploring further.

Prerequisites

  • Ensure that you have a Vantage tenant identifier before configuring identities. To get a tenant identifier, click Configuration in ABBYY Vantage. The identifier is on the General tab.
  • Create a Redirect URI to receive the authentication responses. The URI is:
    https://<your-vantage-url>/auth2/Saml2/Acs
  • Create an application registration (see the instructions below). Registering your application establishes a trust relationship between your application and the External Identity Provider.

Creating the application

To create the application, follow these steps:
1

Open the Azure Portal

Go to Azure Portal and sign in. In the pane on the left, select Azure Active Directory.
2

Open App registrations

In the pane on the right, select App registrations and click New registration.
Azure AD App registrations pane with the New registration button highlighted
3

Fill in the registration form

Specify the following:
  • Name — a name for the application.
  • Supported account types — select Accounts in this organizational directory only.
  • Redirect URI — for each Vantage URL that should authenticate using this account, enter https://<your-vantage-url>/auth2/Saml2/Acs.
Azure AD application registration form with name, supported account types, and SAML redirect URI fields
4

Register the application

Click Register.
Next, set up Azure Active Directory to be used as an External Identity Provider.

Set up Azure Active Directory

To set up Azure Active Directory, follow these steps:
1

Set the Application ID URI

In the Expose an API tab, set the Application ID URI. Due to Microsoft Entra identifier URI restrictions, use the format api://<appId>, where appId is the Application ID from the app registration (for example, api://cccc3333-dddd-4444-eeee-5555ffff6666). Copy this value — you’ll need it when configuring the External Identity Provider in Vantage.
2

Copy the federation metadata URL

Select the Overview tab and click Endpoints. Copy the value of the Federation metadata document field.

Next steps

Once Azure AD is configured, connect it to your Vantage tenant. You’ll need the URL to the Federation metadata document you copied in the Set up section (step 2). For the Vantage-side setup, see Setting up an External Identity Provider for a tenant.

Configuring a SAML 2.0 External Identity Provider

Overview of SAML 2.0 setup for AD FS or Azure AD

Active Directory as a SAML 2.0 External Identity Provider

Configure on-premises AD FS instead of Azure AD

Setting up an External Identity Provider for a tenant

Connect Azure AD to your Vantage tenant

Testing external authentication

Verify the External Identity Provider before users sign in