The this page describes how to configure SAML Single Sign-On (SSO) for Telerivet using Azure Active Directory as the Identity Provider.
Before completing these steps, the SAML Single Sign-On feature must be enabled for your account. Contact support@telerivet.com to request this feature.
- Log in to the Telerivet dashbard as an account with the "Organization administrator" role.
- Click Account, then click Organization Settings.
- Under Allowed Login Methods, click “Configure” next to SAML Single Sign-On.
- Leave all fields blank for now, enter your Telerivet password at the bottom and click “Save changes”.
- Click the Application Logo and download it to your computer.
- Open another browser window/tab and go to https://portal.azure.com/
- Click “Azure Active Directory”.
- In the Manage sidebar, click click “Enterprise Applications”.
- Click “New Application”
- Click “Create your own application”
- For “What's the name of your app?” type “Telerivet”
- Select “Integrate any other application you don't find in the gallery (Non-gallery)”
- Click “Create”
- In the Manage sidebar, click “Properties”
- Next to “Logo” click “Select a file” and select the application logo downloaded earlier.
- Click “Save”
- In the Manage sidebar, click “Single sign-on”
- Click “SAML”
- In the “Basic SAML Configuration” section, click “Edit”
- Switch to the Telerivet window on the SAML Single Sign-On Settings page, and copy the Service Provider Entity ID (Audience URI). Switch to the Azure window and paste this value under “Identifier (Entity ID)”, replacing the default value.
- Switch to the Telerivet window on the SAML Single Sign-On Settings page, and copy the Service Provider Assertion Consumer Service URL. Switch to the Azure window and paste this URL in the Basic SAML Configuration screen under “Reply URL (Assertion Consumer Service URL)”.
- Switch to the Telerivet window on the SAML Single Sign-On Settings page, and copy the Service Provider Single Log-Out Service URL. Switch to the Azure AD window and paste this URL in the Basic SAML Configuration screen under “Logout Url”.
- Leave the other fields blank and click “Save” on the Basic SAML Configuration screen. Close the Basic SAML Configuration screen.
- Switch to the Telerivet window and click “Edit Settings”.
- Switch to the Azure AD window. In the “Set up Telerivet” section, copy the Login URL. Switch to the Telerivet window and paste this URL under “Identity Provider Single Sign-On URL (SAML 2.0 Endpoint)”.
- Switch to the Azure AD window. In the “Set up Telerivet” section, copy the Azure AD Identifier. Switch to the Telerivet window and paste this URL under “Identity Provider Entity ID (Issuer URI)”.
- Switch to the Azure AD window. In the “Set up Telerivet” section, copy the Logout URL. Switch to the Telerivet window and paste this URL under “Identity Provider Single Log-Out URL (optional)”.
- Switch to the Azure AD window. In the “SAML Signing Certificate” section, click the Download link next to “Certificate (Base64)”. Switch to the Telerivet window and click "Choose File" or "Browse" (or similar) under “Identity Provider Certificate” then select the downloaded file. The certificate data should be populated in the text area below.
- Enter your Telerivet password at the bottom of the page and click "Save changes".
- Switch to the Azure AD window. In the Manage sidebar, click “Users and groups”
- Click “Add user/group”
- Assign any users or groups that should have access to Telerivet via Single Sign-On.
Note: Each user will need to be granted access via the Azure AD “Users and groups” page as well as via Telerivet’s User Accounts page in order to have access to Telerivet via Single Sign-On.
When Single Sign-On is enabled via Azure AD, users can access Telerivet in either of the following ways:
- Go to https://myapps.microsoft.com/ and click the Telerivet link/logo
- Go to https://telerivet.com/dashboard . If not logged in already, click the “SAML” button and enter your email address.
Comments
0 comments
Article is closed for comments.