Appearance
AzureAD / EntraID - Single Sign-On
Learn how to setup AzureAD / EntraID to provide Single Sign-On (SSO) to Spektion.
To begin, log in to the Azure Portal.
Expand the Microsoft Azure navigation menu and click Microsoft Entra ID. This will take you to the Organization Overview page.
Under Manage select Groups and proceed to create a new group. Add an owner and members, and set the Group Type to Security. For more details about creating groups see the EntraID docs. We suggest naming the group with something you can easily reference such as Spektion Users.
Once created, return to the overview page. Under Manage, select Enterprise Applications and proceed to click + New application. Select + Create your own application, name it "Spektion", and use the default value of Integrate any other application you don't find in the gallery (Non-gallery).
Once the application is created, you will be directed to Spektion - Overview.
Click on 1. Assign users and groups, then + Add user/group, and finally under Users and groups select the new Spektion Users group created during step 3. Once selected be sure to click Assign before returning to Spektion - Overview.
Next, click on 2. Set up single sign-on and then select SAML as your single sign-on method.
In Basic SAML Configuration, enter the following and then click Save:
- Identifier (Entity ID): enter the value provided in the Spektion SSO/SAML setup labeled Audience URI (SP Entity ID)
- Reply URL (Assertion Consumer Service URL): enter the value provided in the Spektion SSO/SAML setup labeled Single sign-on URL
In SAML Signing Certificate, copy the App Federation Metadata Url
Return to the Spektion SSO/SAML setup and enter EntraID for the Name, and paste the copied value to Metadata URL. Next click Save.
Spektion will attempt to authenticate your account with EntraID. After successful authentication you will be able to leverage the SSO option when signing-in to Spektion.
