Skip to main content
Setup SAML SSO for Microsoft Azure

SAML SSO How-to

Christina avatar
Written by Christina
Updated over 3 months ago

Follow the below process to setup SAML SSO for Microsoft Azure in your Goody account:

  1. In your Microsoft Azure admin account, navigate to Enterprise Applications > All Applications

  2. Click New application

  3. Click Create your own application

  4. Name your application "Goody"

  5. Select "Integrate any other application you don't find in the gallery (Non-gallery)"

  6. Click Create. This will create your custom Goody application and bring you to the Overview page.

  7. In a separate browser, login to your Goody account. Go to Organization > Settings > SAML SSO to view the SAML SSO settings and download the Goody logo. Leave this page open as you'll need tor reference the setting fields.

  8. (Optional) On your Microsoft Enterprise Application Overview page, go to Manage > Properties, and under Logo, upload the Goody Logo. Click Save.

  9. On your Microsoft Enterprise Application Overview, click 1. Assign users and groups

  10. Click Add user/group to add the users and/or groups who will have access to the application.

  11. Once users and groups are added, click 2. Set up single sign on on the Overview page.

  12. Select SAML.

  13. Under 1. Basic SAML Configuration, click Edit. Enter these attributes:

    1. Identifier (Entity ID): Copy Goody's SP Entity ID

    2. Reply URL (Assertion Consumer Service URL): Copy Goody's ACS URL

    3. The remaining optional attributes can be left blank.

  14. Click Save.

  15. Under 2. Attributes & Claims, click Edit.

    1. Under Required claim, set the Unique User Identifier (Name ID) source attribute to user.mail.

    2. Under Additional claims, delete each of the claims by clicking the three dots (...) next to each claim, and clicking Delete.

    3. Add three new claims as follows:

      1. Name: first_name, Source attribute: user.givenname

      2. Name: last_name, Source attribute: user.surname

      3. Name: email, Source attribute: user.mail

  16. This is all the configuration needed on the Microsoft end. You'll now need to copy three values from your Microsoft settings to your Goody SAML settings page:

    1. Under 3. SAML Certificates, open the App Federation Metadata Url and copy the X509 certificate value. Paste this into Goody's Certificate field.

    2. Under 4. Set up Goody, copy the Login URL. Paste this into Goody's SSO URL field.

    3. Also under 4. Set up Goody, copy the Microsoft Entra Identifier. Paste this into Goody's Entity ID field.

  17. This completes configuration needed on Goody's end.

  18. Now you can test your SAML setup. Under 5. Test single sign-on with Goody, click Test.

  19. Click Test sign in. A new browser will open up and you should be redirected to the Goody website and signed in.

Did this answer your question?