All Collections
Single Sign-On (SSO)
SSO Configuration - Microsoft Azure Active Directory (AD) / Office 365
SSO Configuration - Microsoft Azure Active Directory (AD) / Office 365
Specific information about configuring SSO for Microsoft Azure AD / Office 365
Team Skedda avatar
Written by Team Skedda
Updated over a week ago

This article is a supplement to our main article on SSO (please read that first for context).

Skedda has a published/official integration with Azure Active Directory (AD) / Office 365. You can find Microsoft's detailed guide for the Skedda integration here. Use the Microsoft guide as your main reference while you're reviewing the steps and screenshots below.

A full video walkthrough of the setup process is also available below:

Step 1: Add new application

From your ‘Enterprise applications’ page, in your ‘Default Directory’, select ‘New Application’, to begin the configuration process.

Step 2: Search for, and create, your Skedda-app

In the Azure AD Gallery, search for Skedda, and then select ‘Create’ in order to add the Skedda-app into your Directory.

Step 3: Select ‘Set up single sign on’, and choose the SAML sign-on method

  • In the ‘Properties’ page, select ‘Set up single sign on’:

  • Then, after that, select the ‘SAML’ sign-on method’:

Step 4: Configure the ‘Relay State’ value in Azure AD

Click on the ‘Edit’ option for the ‘Basic SAML Configuration’ section on the setup page, as shown in the screenshot above. From here, you need to paste the ‘Relay State’ value, found in your Skedda SSO settings page, into the ‘Relay State’ field in Azure.

You’ll find the ‘Relay State’ value in your Skedda SSO settings as shown in the screenshot below:

Step 5: Provide Skedda with your relevant IdP details

Next, copy/download the information, shown in the screenshot above, and paste it into the relevant fields in your Skedda SSO settings page. The table below shows where you should paste each value from Azure AD, into Skedda.

Value in Azure AD:

Corresponding field in Skedda:

Azure AD Identifer

Identity Provider Entity ID

Login URL

Identity Provider Login URL

Certificate (Base64)

Identity Provider Certificate Public Key

Once you’ve downloaded your ‘Certificate (Base64)’ file, you can use a text editor to open the file and access the Base64 as text for pasting into your Skedda SSO settings page. Please also note that there may be "wrapping" text in the file exported from Azure (similar to "BEGIN HERE" and "END HERE") - this wrapping text should NOT be pasted into the Skedda side (i.e. only paste the "body" Base64 characters).

Step 6: Configure ‘User Attributes & Claims’ mapping

The final step requires that you configure the relevant attribute mappings in Azure, in order to provide Skedda with the required details in order to complete authentication via SSO. Click on the ‘Edit’ option, as shown in the screenshot above, to access your ‘User Attributes & Claims’ settings.

  • From here, first remove the ‘user.mail’ Claim name/Value:

  • Then, click into the ‘user.principlename’ Claim name/Value:

  • Next, copy the ‘Email’ attribute value from your Skedda SSO settings page, using the clipboard button:

  • Back in your Azure AD settings for the ‘user.principalname’ Claim/Value page, paste the ‘Email’ attribute you’ve copied from Skedda into the ‘Name’ field, leaving the ‘Namespace’ field blank, and save your changes:

Typically, you won’t need to make any changes to the ‘user.givenname’ and ‘user.surname’ values in your ‘User Attributes & Claims’ settings page, as these are configured correctly in Azure AD by default.

However, if, for some reason, you need to configure these values, too, then the table below shows how each 'Claim name' from the Skedda side should be matched up with its appropriate 'Value', in Azure.

Step 7: Setup Complete!

Finally, review the "Properties" page for the app. Choose "No" for "User assignment required?" if you wish to allow all users in your AD to access the app. Otherwise, if you choose "Yes" here, you need to explicitly add users and groups to the "Users and Groups" page, otherwise nobody will have access to the app. Additionally, the "Visible to users?" item controls whether or not the app is displayed in the O365 dashboard app launcher for users who have access.

Once that’s completed, you’re all set to begin testing!

Walkthrough video

If you’d like to set your SSO integration while following along with a video walkthrough, take a look at the video below to get going!

If you're having trouble getting SSO to work after setting it up, take a look at our SSO Troubleshooting article!

Please also feel free to reach out to our support team if you have any questions or issues in the setup process.

Did this answer your question?