Microsoft Entra ID (formerly Azure Active Directory) is a universal platform to manage and secure identities. If your company uses Microsoft Entra ID, you may want to set up Single Sign-on for your Oktopost account and users. Oktopost supports Single Sign-on using SAML 2.0, which you can easily integrate with Microsoft Entra ID as the Identity Provider (IDP). Oktopost supports both SP-initiated and Idp-initiated single sign-on, and in this tutorial, we'll show you how to set it.
Prerequisites
To set up Microsoft Entra ID Single Sign-on for Oktopost, you must have:
- Admin access to Oktopost.
- Admin access to Microsoft Entra ID
Adding Oktopost SAML from the Gallery
First, to integrate Oktopost with Azure AD, you must add Oktopost to your list of apps. Sign in to your Azure portal, and navigate to Azure Active Directory.
Then, select Enterprise applications → All applications.
To add an application, select New application.
In the Add from the gallery section, type Oktopost SAML in the search box.
Select Oktopost SAML from results panel and then add the app. Wait a few seconds while the app is added to your tenant.
Configure Azure AD Single Sign-on
In the Azure portal, on the Oktopost SAML application integration page, find the Manage section and select single sign-on.
On the Select a single sign-on method page, select SAML.
On the Set up single sign-on with SAML page, click the pencil icon for Basic SAML Configuration to edit the settings.
On the Basic SAML Configuration section, the user does not have to perform any steps as the app is already pre-integrated with Azure, unless your account is EU-hosted, in which case you would add eu- to the front, ex: https://app.oktopost.com would become https://eu-app.oktopost.com for the Identifier field.
Click Set additional URLs and perform the following step if you wish to configure the application in SP initiated mode:
In the Sign-on URL text box, type the URL: https://app.oktopost.com/auth/login
or for EU-hosted accounts:https://eu-app.oktopost.com/auth/login
Click Save.
On the Set up single sign-on with SAML page, in the SAML Signing Certificate section, find Certificate (Base64) and select Download to download the certificate and save it on your computer.
On the Set up Oktopost SAML section, copy the appropriate URL(s) based on your requirement.
Configure Oktopost Single Sign-on
Now that you've set up the Azure AD app, open a separate browser tab and sign in to Oktopost. Go to Account Settings → Security → Single Sign-on. Select "Yes" on "Enable Single Sign-on" to enable the SSO and complete the steps below.
- Copy the Login URL which you have copied from the Azure portal, and paste it into the SAML Endpoint field in Oktopost.
- Copy the Azure AD Identifier value which you have copied from the Azure portal, and paste it into the Issuer URL field in Oktopost.
- Take the downloaded Certificate (Base64) from the Azure portal and upload it to Oktopost.
- Click Save, and you're done.
Once you're done configuring the integration, you can grant access to users from the Users and groups application pane in Azure AD. You can test the integration by signing out of Oktopost and using the "Test" option in Azure AD.