Azure AD SSO
Follow these steps to add Azure as the SAML SSO provider for your workspace:
- Open Buddy SSO settings in one browser tab.
- In another tab, sign in to Azure and open Azure Active Directory:
- From the left navigation, select Enterprise Applications:
- Click the +New application button:
- Click +Create your own application, define the app name, and click Create:
- Go to Single sign-on and select SAML:
- Edit the Basic SAML Configuration:
Fill in the application details with the data copied from Buddy SSO configuration:
- Reply URL (Assertion Consumer Service URL) → ACS / SP Assertion Consumer Service / Single Sign-On from Buddy
- Identifier (Entity ID) → SP Entity ID / Audience URI from Buddy
- Save the changes.
- Refresh Azure page
- Save the data required for SSO configuration in Buddy for later use: Login URL, Azure AD Identifier, and download the certificate.
- Go to Users and groups and assign users to the application according to your need:
To see the Azure SSO identifier in the People tab:
- In Azure, go to Single sign-on → Attributes & Claims
- Set the Unique User Identifier to
user.mail
:
Return to Buddy's SSO settings tab and provide the information you copied from Azure:
- SSO URL / SAML Endpoint / Identity Provider Single Sign-On URL → Login URL from Azure
- Issuer → Azure AD Identifier from Azure
- Certificate → upload the Azure certificate you downloaded
- Signature / Digest Method → leave at
Most popular
- Click Test configuration and enable SSO on success.
- Sign in to your Azure account to save the SSO configuration.
Learn more about SSO implementation and configuration in Buddy:
Last modified on May 8, 2023