Getting started
📌Note: Before you start, you need to make sure you are the owner of your organization. Only account owners can set up SAML Authentication.
Please go to Settings > 🔑SAML Authentication and click Enable SAML authentication toggle. Leave the tab open, as you'll need the data from here.
Step 1: Microsoft Azure Setup
Once you're logged in to your Microsoft Azure account, go to Enterprise applications to create a new non-gallery app.
Once your app is created, find Single sign-on in the side menu and select SAML as a single-sign-on method.
Under Basic SAML configuration you'll need to provide:
Identifier (Entity ID)
Reply URL (Assertion Consumer Service URL )
Sign on URL
Microsoft Azure | Corresponding Survicate field | Example: |
Identifier (Entity ID) | Not available in UI |
|
Reply URL (Assertion Consumer Service URL ) | ACS (Consumer) URL |
|
Sign on URL | Not available in UI |
|
You can find Reply URL ( Assertion Consumer Service URL ) under ACS (Consumer) URL in Survicate:
Identifier (Entity ID) is the same URL but has a different ending with /metadata
instead of /acs
.
https://panel-api.survicate.com/settings/saml/{{your_organization_id}}/metadata
Sign on URL ends with /login
https://panel-api.survicate.com/settings/saml/{{your_organization_id}}/login
In the end, your settings should look like this:
Now, go to SAML Signing Certificate and download the Certificate (Base64).
Open the downloaded file with any notepad app. Copy and paste the content into the Public certificate field in Survicate settings.
Finally, copy the Login URL from Azure, and paste it into Sign on URL field, and also Azure AD Identifier to Issuer field in Survicate settings.
Survicate | Corresponding Microsoft Azure field | Example: |
Sign on URL | Login URL |
|
Issuer | Azure AD Identifier |
|
Once you click "Save Configuration" you will get a list of recovery codes.
❗ Please save them; you will need those to bypass the Single Sign-On when you don't have access to SAML provider anymore.