Merge branch 'master' into shorter-integrations-jul8
Simplychee authored Jul 9, 2024
2 parents 20751b4 + 42618ce commit 4486378
Showing 2 changed files with 44 additions and 42 deletions.
80 changes: 41 additions & 39 deletions docs/user-guide/admin/sso/azure-sso.md
Expand Up @@ -6,7 +6,8 @@ description: Configure Single Sign On for Azure and Logz.io
keywords: [single sign=on, sso, sso setup, sso configuration, secured login, integration, azure]
---

Logz.io offers a quick integration for SSO with Azure.
Logz.io offers seamless integration for Single Sign-On (SSO) with Azure. Follow these steps to set up SSO for your Logz.io account.



### Request SSO access from Logz.io
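Review bot: The front-matter `keywords` entry `single sign=on`, in the context line just above the rewritten intro, looks like a typo for `single sign-on`. The new intro sentence already spells it "Single Sign-On (SSO)", so fix the keyword in the same change to keep the page metadata consistent with the body.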
Expand All @@ -15,92 +16,95 @@ Logz.io offers a quick integration for SSO with Azure.
Only account admins can request single sign-on access for their accounts.
:::


To kick off this process, send an email to [[email protected]](mailto:[email protected]).
Write that you want to set up Azure SAML SSO for Logz.io.
Include these items in the message:
Write that you want to set up Azure SAML SSO for Logz.io and include the following details:

* Your Logz.io [account ID](https://app.logz.io/#/dashboard/settings/general)
* The last six characters of your [account token](https://app.logz.io/#/dashboard/settings/manage-accounts)

The Support team will respond with the connection information you'll need to give in Azure.
The Support team will respond with the connection information you'll need to input in Azure.

### Add Logz.io as a gallery application in Azure

Log into your [Azure Portal](https://portal.azure.com/) and follow the instructions in [Azure's docs](https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/logzio-cloud-observability-for-engineers-tutorial) for adding the **Logz.io - Azure AD Integration** from the Gallery.
Log into your [Azure Portal](https://portal.azure.com/) and follow the instructions in [Azure's docs](https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/logzio-cloud-observability-for-engineers-tutorial) to add the **Logz.io - Microsoft Entra Integration** from the Gallery.






When you get to the step **Set up single sign-on with SAML**, you'll need the SAML information you received from Logz.io Support's email.
When you get to the step **Set up single sign-on with SAML**, use the SAML information provided by Logz.io Support:

* The _Audience URI_ from Logz.io is the SAML **Identifier (Entity ID)**.
* The _Single sign on URL_ from Logz.io is the SAML **Reply URL (Assertion Consumer Service URL)**.
* **Identifier (Entity ID)**.
* **Reply URL (Assertion Consumer Service URL)**.

![information](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/basic-saml-configuration.png)

### Zip the SAML certificate

In your new Azure app, navigate to **Manage > Single sign-on** and select the SAML method. In the SAML Signing Certificate section, find Certificate (Base64), download and zip it.

In the next step, you'll need to email this zip file to the [Logz.io Support team](mailto:[email protected]).

![SAML Certificate](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/azure-saml-download.png)
In your Azure app, navigate to Manage > Single sign-on and select the SAML method. Download the Certificate (Base64) and zip it. Email this zip file to the Logz.io Support team.

In your new Azure app, navigate to **Manage > Single sign-on** and select the SAML method. Download the Certificate (Base64) and zip it. Email this zip file to the [Logz.io Support team](mailto:[email protected]).


Save your configuration.
![SAML Certificate](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/download-saml-jul3.png)

Save your configuration and continue.

### Send your SAML details to Logz.io

Draft a new [email to Support](mailto:[email protected]), and include these items:
Draft a new [email to Support](mailto:[email protected]), and include:

* Your zipped SAML Signing Certificate (from the previous step).
* Your SAML-P SIGN-ON ENDPOINT.
This is your Azure **Login URL**.
* Your Azure Login URL (SAML-P SIGN-ON ENDPOINT)

![Azure SAML-P SIGN-ON ENDPOINT](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/setup-azure-mar24.png)
![Azure SAML-P SIGN-ON ENDPOINT](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/setup-app-name-jul3.png)


### Configure Azure to send user groups

Return to the App registrations page in your [Azure Portal](https://portal.azure.com/).
If you don't see Logz.io, click **View all applications**.
Go to the App registrations page in your Azure Portal. If Logz.io is not visible, click **View all applications**. Open the App registrations service, choose the relevant application, and click **Manifest**.

Set `groupMembershipClaims` to `"All"` in the JSON manifest and save your configuration.

Open the **App registrations** service, choose the relevant application from the list, and click **Manifest**.
In the manifest JSON, set groupMembershipClaims to `"All"`.
Click **Save** (at the top of the page).

![groupMembershipClaims Editor](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/azure-sso-app-json-mar.png)
![groupMembershipClaims Editor](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/manifest-jul3.png)

### Additional configuration for users who are in over 150 groups

:::note
Azure’s API requires additional configuration for members of 150 groups.
:::

Azure has some limitations for users who are members of over 150 groups, and requires additional configuration to send the relevant data to Logz.io. To make sure your groups are sent appropriately, follow these steps:
Azure has limitations for users who are members of over 150 groups, which requires additional configuration. To ensure proper data transmission, follow these steps:

In your Azure Portal, navigate to **[Microsoft Entra ID](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Overview)** > **[App Registrations](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade)**, and open Logz.io's app you've created to sign in with SSO.
Navigate to **[Microsoft Entra ID](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Overview)** > **[App Registrations](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade)** and open the Logz.io app.

Next, navigate to **API Permissions**, and click **Add a permission**.

![Add permission](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/add-permission-mar.png)

Add the three following permissions to your account:

1. Select the **APIs my organization uses** tab on the right side menu, and click on **Windows Azure Active Directory**. Next, choose **Application permissions** > **Directory.Read.All** and add the permission.

![Add read all permission](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/directory-read-all-mar.png)
![Add read all permission](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/add-permission-jul3.png)

2. Click **Add a permission**. Under **Microsoft APIs** select **Microsoft Graph**.
Choose **Application permissions**, and search for **Group**. Choose **Group:ReadAll**, and click Add permissions.

![Add group read all permission](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/group-read-all-mar.png)
![Add group read all permission](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/add-pemission-2-jul3.png)

3. Click **Add a permission**, select **Microsoft APIs** tab and click on **Microsoft Graph** again.
Choose **Application permissions**, search for **Application**, choose **Application.Read.All**, and click Add permissions.

![Add application read all permission](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/application-read-all-mar.png)
![Add application read all permission](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/add-permission-group-jul3.png)

Next, navigate to **Certificates & secrets** on the left side menu, and add a **New client secret**. Name the secret, for example, Logz.io Group Access, set the expiration date to the farthest option available, 24 months, and click the **Add** button.
Next, navigate to **Certificates & secrets** on the left side menu, and add a **New client secret**. Name the secret, set the expiration date to the farthest option available, 24 months, and click the **Add** button.

Navigate to **Overview**, located on the left side menu, copy the Application (client) ID and send it with the Secret you've created to **[Logz.io Support team](mailto:[email protected])**.
Navigate to **Overview**, located on the left side menu, copy the **Application (client) ID** and send it with the Secret you've created to **[Logz.io Support team](mailto:[email protected])**.

Once your connection has been updated and approved by Logz.io Support team, you and your team should be able to log in to Logz.io via the SSO connection (found in https://myapplications.microsoft.com/) regardless of the number of members in a group.
Once your connection has been updated and approved by Logz.io Support team, you and your team should be able to log in to Logz.io via the SSO connection (found in [Apps dashboard](https://myapplications.microsoft.com/)) regardless of the number of members in a group.


### _(Optional)_ Restrict access to Logz.io to specific user groups
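Review bot: The replacement bullets under **Set up single sign-on with SAML** drop the mapping between the values in the Support email and the Azure fields: the removed lines said the _Audience URI_ goes into **Identifier (Entity ID)** and the _Single sign on URL_ into **Reply URL (Assertion Consumer Service URL)**, while the new bullets name only the Azure fields. Keep the mapping, since the Reply URL is where Azure delivers the assertion and swapping the two values is an easy mistake without it. In **Zip the SAML certificate** the same instruction now appears twice in a row ("In your Azure app, navigate to Manage > Single sign-on ..." followed by "In your new Azure app, navigate to **Manage > Single sign-on** ..."); keep only the second, which carries the bold formatting and the Support link. In the 150-groups section, **Group:ReadAll** is written differently from **Directory.Read.All** and **Application.Read.All**, and the note says "members of 150 groups" where the heading says "over 150 groups". The client-secret step asks for the 24-month maximum expiry and for the secret to be emailed to Support together with the Application (client) ID, but says nothing about what happens when it expires; add a sentence on renewing and resending it before then, and on treating that email as containing a credential for an app that holds directory-wide read permissions.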
Expand All @@ -109,16 +113,14 @@ Once your connection has been updated and approved by Logz.io Support team, you

By default, all Azure users with Logz.io access can sign in to your Logz.io accounts.

You can restrict this access from the [Manage users page](https://app.logz.io/#/dashboard/settings/manage-users) for each of your accounts.
To restrict access, navigate to the [Manage users page](https://app.logz.io/#/dashboard/settings/manage-users) for each account, click **Add group**, and paste the group's **Object ID**.

Click **Add group**, and paste the group's **Object ID** for each group that should have access to the account in Logz.io.
Find your **Object ID** in [your Azure app](https://portal.azure.com/) > [Groups](https://portal.azure.com/#blade/Microsoft_AAD_IAM/GroupsManagementMenuBlade/AllGroups). Open the relevant group and copy the Object ID string.

To find your **Object ID**, navigate to [your Azure app](https://portal.azure.com/) > [Groups](https://portal.azure.com/#blade/Microsoft_AAD_IAM/GroupsManagementMenuBlade/AllGroups). Open the relevant group and copy the Object ID string.
![ObjectID](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/security-jul3.png)

![ObjectID](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/group-object-id.png)


### Receive confirmation from Support

When Support has created your Azure + Logz.io connection, you're done!
You can start logging in to Logz.io through your Azure Apps portal.
Once the Support team confirms the Azure + Logz.io connection, you can log in to Logz.io through your Azure Apps portal.
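Review bot: The merged sentence in the restrict-access section ("click **Add group**, and paste the group's **Object ID**") loses the removed line's "for each group that should have access to the account in Logz.io". Restore that clause, because it is the only place the page says that every group that should keep access needs its own entry; without it the step reads as adding a single group. It would also help to say here that this restriction depends on the `groupMembershipClaims` setting from the earlier section, since the group check can only work on groups Azure actually sends.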
6 changes: 3 additions & 3 deletions docs/user-guide/admin/sso/azure_marketplace_liftr.md
Expand Up @@ -44,12 +44,12 @@ To be able to access and use the SSO link that is created for a Logz.io-Azure in

### Add the Logz.io-Azure Active Directory Integration from the gallery

To configure SSO for the Logz.io resource in the Azure Portal, you need to add the Logz.io - Azure AD Integration from the gallery to your list of managed SaaS apps.
To configure SSO for the Logz.io resource in the Azure Portal, you need to add the Logz.io - Microsoft Entra Integration from the gallery to your list of managed SaaS apps.

1. Sign in to the Azure Portal using a Microsoft account.
2. In the Azure Portal, in **Logz.io | Overview**, in the **+ Add** menu, select **Enterprise application**.
![Enterprise application option](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/liftr-ovrview_enterprise_apps.png)
3. In the Azure Active Directory Gallery, browse to the **Logz.io - Azure AD Integration** application and select it.
3. In the Azure Active Directory Gallery, browse to the **Logz.io - Microsoft Entra Integration** application and select it.
4. Rename the integration with a relevant name and click **Create**. (In the steps that follow, we used the name **AD app for a logz.io resource**)
![Rename the integration](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/liftr-rename_logzio-ad_integration.png)
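Review bot: The rename to **Logz.io - Microsoft Entra Integration** is applied to the intro sentence and to the app name in step 3, but the section heading still reads "Logz.io-Azure Active Directory Integration" and step 3 still says "Azure Active Directory Gallery". Update both, or keep the old gallery name deliberately and say so, so that a reader searching the gallery sees one name throughout the section.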

Expand All @@ -59,7 +59,7 @@ To configure SSO for the Logz.io resource in the Azure Portal, you need to add t
In **AD app for a logz.io resource | Overview > Properties**, copy the **Application ID** property.
![Copy Application ID](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/liftr-copy_application_id2.png)

### Configure Azure AD SSO
### Configure Microsoft Entra Integration SSO

1. In **AD app for a logz.io resource | Overview > Getting Started**, in **2. Set up single sign on**, click **Get started** to open **Single sign-on**.
![Set up SSO](https://dytvr9ot2sszz.cloudfront.net/logz-docs/sso-providers/azure/liftr-set-up_sso.png)
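Review bot: The new heading "Configure Microsoft Entra Integration SSO" reads like the gallery app name substituted for "Azure AD", while the steps under it still refer to **AD app for a logz.io resource**. The other file in this commit uses **Microsoft Entra ID** for the directory service, so "Configure Microsoft Entra ID SSO" would be consistent. Since the heading text changes, also check for links that point at the old heading's anchor.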