Write us an email asking about a possibility of turning SAML SSO on for Azure! (support@sweetprocess.com)

We will write you back with configuration data that is needed to finish the following instructions properly.

After we write you back you can go to the next step of this instruction.

Navigate to Azure Active Directory > Enterprise applications and click on "+ New application" button to add a new application

Now that the application is ready, you can navigate to Single Sign-on settings and click on SAML option to setup integration with sweetprocess

You will be taken to the configuration site for SAML. From there - you should edit the basic settings first:

Fill in the identifier (Entity ID) and Assertion Consumer Service (ACS) URL we gave you earlier once you had contacted us to set up SAML.

This is optional - you can leave that configuration point unchanged unless there are some attributes you want to hide from us.

Minimal property we require for SAML to work properly with sweetprocess is the email address of the user that is logging in (user.email field).

Make sure that the property you are sending us doesn't have a namespace or, that the namespace is: schemas.xmlsoap.org/ws/2005/05/identity/claims

It is important that we know exactly how the property is sent from your system. For example, Azure will in the default configuration send givenName and emailAddress. Note that the capital N and A are important here, we need to match 100% with how your system is configured.

Download and send us your Federation Metadata XML file - this is a file that we will need in order to finish the setup.

Make sure that you've added users and/or groups of people you want using sweetprocess application via SSO.

After you receive an email from us, saying that we enabled Single Sign On (SSO) login, click the provided link and try to log in!

You can also test out if you can log in by clicking Test button in SAML configuration page: