How to set up SP initiated SSO with OptiSigns and Azure AD

With Pro Plus and Enterprise plan, you can configure SAML 2.0 with OptiSigns via Azure AD. The Azure AD will be acting as the IDP (Identify Provider), and OptiSigns will be working as the SP(Service Provider). We supported both IDP initiated SSO and SP initiated SSO.

Please refer to this article for how to set up the IDP initiated SSO and how to configure the SAML with OptiSigns and Azure. SP initiated SSO requires the SP to send a SAML request to IDP to start the authentication process, the setup will be the same as IDP initiated SSO on Azure side. But it is slightly different on OptiSigns. This article will only cover the difference on the SP initiated SSO.

To setup SP initiated SSO, there are 2 major differences compared with IDP initiated SSO.

1. Enable SP-Initiated processing 

Go to SAML Single Sign On setting page:

https://app.optisigns.com/app/s/saml-settings

mceclip0.png

2. Set the SAML Endpoint and Entity ID for SP-initiated SSO.

Under the Setup SAML Authentication section in SAML Single Sign On setting page, we will need to update the SAML 2.0 Endpoint, and Identify Provider Issuer. These values are different for SP initiated SSO.

The SAML2.0 Endpoint is the Logon URL in the Azure OptiSigns application SSO setting.

The Identity Provider Issuer will be the application ID from Azure.

Public certificate is the same as the IDP initiated SSO. 

mceclip4.png

To get the Logon URL from Azure, go to the Single sign-on setting in the enterprise application.

mceclip2.png

To get the application ID, go to the properties of your enterprise application.

mceclip3.png

 

That's it!

You have enabled SP-initiated SSO for OptiSigns with Azure AD.

 

If you have any additional questions or any feedback about OptiSigns, feel free to reach out to our support team at support@optisigns.com or just submit a ticket here.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.