“”

Configuring SSO for Azure

At Qualified, customer trust and data security is a top priority. It’s our goal to help protect your business from vulnerabilities while also increasing productivity for your teams. That’s why we offer SSO (single sign on) through multiple Identity Providers (IdP)—including Okta, Azure, and OneLogin. Qualified Enterprise SSO helps your team access Qualified through a single entry point and gives IT complete control. 

In this guide we’ll go over how to configure SSO for your Qualified account specifically using the IdP Okta.

Getting Started

  1. To get started you'll want to first login to your Qualified account and navigate to Settings > Single sign-on within Qualified. 
  2. Select "Azure AD (SAML 2.0)" in the drop down, and then copy your "Company ID" as shown below


Selecting Azure AD as the identity provider within Qualified.



Login to Azure AD

3. Within Azure create an enterprise app with SAML capability called “Qualified” and use the icon below for the logo.

Qualified logo for use in Azure.

4. Assign the app to yourself first (we’ll come back to this later)

5. Go into the SAML configuration screen and edit the Basic SAML Configuration and use the following values before clicking 'Save'

Basic SAML configuration inside Azure AD.

6.  Next, edit the User Attributes & Claims

7. Delete all the default attributes except for the Unique User Identifier (Name ID)

8. Create the following Additional Claims:

  • Claim Name: first_name - Value: user.givenname
  • Claim Name: last_name - Value: user.surname
  • Claim Name: saml_id - Value: user.objectid

  

User attributes & claims within Azure.

9. Once done with the attributes, go back to the main SAML Configuration screen

10. Copy the App Federation Metadata Url

Copying the metadata url within Azure AD.


Back in Qualified

11. Go to the SSO Settings within Qualified 

12. Select Azure AD as the Identity Provider once more

13. Paste in the Metadata URL from Azure into the field within Qualified and click Save

14. Click on the "Verify Configuration" button. This will open up a popup window and run through a full SSO login flow. If it is successful, it will automatically close itself and show a success message.

Verify your SSO configuration within Qualified.

15. Once you have successfully verified your SSO configuration, click on the "Enable single sign-on for this team."  It will show a modal with a warning that each member of your team, and you, will receive an email with a link they will need to click to bind their SSO account with their Qualified.com account.  Once that is done, you can now log in to Qualified using the new Qualified.com tile on your Azure AD Apps Dashboard.


Before you accept the modal, you need to make sure that each of your users has the application assigned to them within Azure AD.

Summary

Implementing Enterprise SSO is easy and adds an extra level of security and increases your user productivity. Simply connect Qualified to your preferred IdP, then log in to Qualified to enable your account. Once enabled, you can begin inviting team members to the Qualified application tile within your IdP.

Next Steps

As a next step in your education, you might find the following guides useful

Request a live demo

See Qualified in action on your website. Request a live demo and one of our reps will contact you immediately, or talk to us right now.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Free custom demo
Live on your site