Prerequisites
- Important: The new Log-In Experience feature only supports Service Provider Initiated (SP-Initiated SSO).
- Azure is required.
- Azure Admin access is required to configure the integration.
- The Create and Edit Integration privileges are required in Addigy to configure the Azure Single Sign-on integration.
- Please ensure that you are using the same email address that's associated with your Addigy account.
Overview
- Create an Enterprise App within your Azure portal
- Set up Single Sign-On
- Update SAML Information In Addigy
- Signing In
Create an Enterprise App within your Azure portal
- Start by selecting Enterprise Applications. You can do this by typing Enterprise Applications in your search bar:
- Select New Application:
-
Select Create your own application, then select integrate any other application you don't find in the gallery:
Set up Single Sign-On
- Select Set up single sign on:
- Select SAML:
- 5 steps will be displayed to set up SSO. For Step 1, Azure requires the Entity ID and ACS URL.
Select the Edit icon for Step 1. The Basic SAML Configuration form will appear. The Entity ID and ACS URL are available in the Addigy Console > Accounts > Integrations > Log In Options > Azure:
- The "Default" checkboxes next to the Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL) fields should be checked.
Note: For testing the SAML Application, add your tenant's login URL to the Sign on URL field & append "https://". The Addigy login URL is located in Account > Settings.
- Edit Attributes & Claims in Step 2.
When you select EDIT for the User Attributes & Claims, you'll see this initially:
To achieve correct Attributes and Claims, delete any existing claims except for the Required Claim. - Create new claims by selecting Add New Claim, shown in the image above.
- When filling out a new claim, the Namespace should be completely empty for each claim:
After configuring the claims correctly, step two should look like this:
- Next, upload a PEM certificate into Addigy. Scroll to Step 3 in Azure and click Edit:
Click on the 3 dots lined up horizontally at the end of your certificate and download the PEM. certificate.
Update SAML Information In Addigy
- Upload the PEM certificate into the Addigy Azure SSO integration.
Note: If any changes are made within Azure, a new .pem file will need to be uploaded.
- In Azure, scroll down to Step 4 and copy the SSO URL (Login URL in Azure) into Addigy.
- Then make sure the users who will be logging into the Addigy Console are assigned to the Application in Azure.
- Before testing the integration from Azure, ensure that it has been toggled on in Addigy.
Important Note: We recommend testing your configuration in a separate browser.
Signing In
When signing in using Azure SSO as part of the login experience, you'll be able to sign into your Addigy portal with your Microsoft credentials: