Enable SSO with Microsoft Azure AD
Set up SSO with Microsoft Azure and configure settings to allow your users to access EveryoneSocial by authenticating with Azure.
🔸 An Enterprise account for a Microsoft Azure AD administrator is required to configure SSO.
🔹 This is available on the Enterprise and Unlimited User plans.
Create a new application and enable SSO
Follow Microsoft’s directions on how to create a new application and enable SSO.
Configure SAML SSO
Here is the basic SAML configuration information to enter in the respective fields in Microsoft Azure.
- Identifier (Entity ID): urn:amazon:cognito:sp:us-east-1_Njik3uRLR
- Reply URL (Assertion Consumer Service URL): https://auth.everyonesocial-prod.com/saml2/idpresponse
- Sign on URL: https://YOUR_SUBDOMAIN.everyonesocial.app/sso
🔸 Update YOUR_SUBDOMAIN to the custom subdomain applied to your company’s Workspace.
User attributes and claims
We require an additional claim name to be mapped from the user's email address: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
Values differ based on the Azure configuration. For example, EveryoneSocial uses SSO and we use the value “user.mail”. See below.
The overall configuration should look similar to the following image.
Test the SSO integration
Once these steps are complete, we will need two pieces of information.
- App Federation Metadata URL
- Federation Metadata XML file
Locate the App Federation Metadata URL and click Copy. Find the Federation Metadata XML file and click Download.
Send these to EveryoneSocial Support. Once received, we will arrange a call where we can test the SSO integration before going live.
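The following is an added example, not EveryoneSocial or Microsoft code: a pre-flight check that a decoded SAML assertion from a test sign-in carries the Identifier, Reply URL and email claim configured above. The function name, the sample assertion and the address pat@example.com are constructed for illustration, and it assumes you already have the assertion XML from your own test sign-in.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Values taken from the configuration steps on this page.
ENTITY_ID = "urn:amazon:cognito:sp:us-east-1_Njik3uRLR"
ACS_URL = "https://auth.everyonesocial-prod.com/saml2/idpresponse"
EMAIL_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"

# Constructed, unsigned sample assertion (not real Azure output).
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:Subject><saml:SubjectConfirmation>
  <saml:SubjectConfirmationData Recipient="{acs}"/>
 </saml:SubjectConfirmation></saml:Subject>
 <saml:Conditions><saml:AudienceRestriction>
  <saml:Audience>{aud}</saml:Audience>
 </saml:AudienceRestriction></saml:Conditions>
 <saml:AttributeStatement><saml:Attribute Name="{claim}">
  <saml:AttributeValue>{value}</saml:AttributeValue>
 </saml:Attribute></saml:AttributeStatement>
</saml:Assertion>"""

def check_assertion(xml_text):
    """List configuration problems in a decoded SAML assertion.

    Configuration check only: it does not verify the XML signature, so it
    must never be used to decide whether a login is genuine.
    """
    root = ET.fromstring(xml_text)
    problems = []
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if ENTITY_ID not in audiences:
        problems.append("Audience does not match the Identifier (Entity ID)")
    recipients = [d.get("Recipient")
                  for d in root.iterfind(".//saml:SubjectConfirmationData", NS)]
    if ACS_URL not in recipients:
        problems.append("Recipient does not match the Reply URL")
    emails = [v.text.strip()
              for attr in root.iterfind(".//saml:Attribute", NS)
              if attr.get("Name") == EMAIL_CLAIM
              for v in attr.iterfind("saml:AttributeValue", NS)
              if v.text and v.text.strip()]
    if not emails:
        problems.append("emailaddress claim is missing or empty")
    elif any("@" not in e for e in emails):
        problems.append("emailaddress claim value is not an email address")
    return problems

if __name__ == "__main__":
    ok = SAMPLE.format(acs=ACS_URL, aud=ENTITY_ID, claim=EMAIL_CLAIM, value="pat@example.com")
    print(check_assertion(ok) or "configuration looks consistent")
```

An empty list means the three values line up with this page; each string in a non-empty list names the Azure field to revisit.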
Trouble with the integration? Check out our Azure AD SSO troubleshooting article.