Setting up SSO connection via EntraID (Azure AD)

Learn how to set up an SSO connection via EntraID (Azure AD).

Written by Tamás Párványik
Updated over a week ago

Contents:

How to set up an SSO connection via EntraID (Azure AD)

Step 1 - Register your workspace on StoriesOnBoard

  1. Visit StoriesOnBoard Registration to create your workspace

Step 2 - Claim a new domain on StoriesOnBoard

  1. Log in to your StoriesOnBoard workspace

  2. Navigate to "Advanced settings"

  3. Select "Domain control"

  4. Proceed with "Claim a new domain" option

  5. Fill out the domain details, including:

    1. Company name

    2. Domain name

    3. Set the verification method to "Ownership validator file upload" or DNS

  6. Select "Save"

  7. Then "Verify" the domain you created

⚠️ IMPORTANT ⚠️
Please note that after a successful verification on your end, our team also needs to approve your domain manually. Please wait for our approval. Once the domain is approved, you can proceed with the setup.

Step 3 - Access domain configuration in StoriesOnBoard

  1. After verification proceed with "Configure"

  2. Select the "SSO settings" tab

  3. "Enable SAML 2.0 Single Sign On"

  4. Select "SP MetaData" tab - you will need to copy fields from here

Step 4 - Create Enterprise application in EntraID (Azure AD)

  1. Select "Enterprise applications"

  2. Click on "New application"

  3. Select "Create your own application"

  4. Enter your application name

  5. Proceed with "Create"

  6. Select the "Set up single sign on" option

  7. Click on "SAML"

  8. Edit "Basic SAML Configuration"

  9. Copy Entity ID from StoriesOnBoard and paste it

  10. Copy Login URL (ACS) from StoriesOnBoard and paste it into the "Assertion Consumer Service URL" field

  11. Copy Logout URL (SLO) from StoriesOnBoard and paste it into the "Logout URL" field

  12. Click on "Save"

  13. Download "Federation Metadata XML"

  14. Visit "Users and Groups" and assign users to your application

Step 5 - Configure your domain in StoriesOnBoard

  1. Go back to StoriesOnBoard to Configure domain settings > SSO Settings

  2. Paste the "Federation Metadata XML" into "Identity Provider MetaData" field

  3. Save your settings

Step-by-step guide to set up an SSO connection via EntraID (Azure AD)

Step 1 - Register your workspace on StoriesOnBoard

Visit StoriesOnBoard Registration to create your workspace.

Step 2 - Claim a new domain on StoriesOnBoard

Go to settings and select "Advanced settings", then "Domain control".

Proceed with "Claim a new domain".

Enter your "Company Name" and your "Domain name", choose either the "Ownership validation file upload" option or the DNS approach, and "Save" your settings.

Click "Verify" for your domain and complete the verification.

⚠️ IMPORTANT ⚠️
Please note that after a successful verification on your end, our team also needs to approve your domain manually. Please wait for our approval. Once the domain is approved, you can proceed with the setup.

Step 3 - Access domain configuration in StoriesOnBoard

Once our team has approved your domain, the domain must be configured as follows.

Visit the "SP MetaData" tab. You will be asked later to copy data from this tab and paste it into Azure.

Step 4 - Create Enterprise application in EntraID (Azure AD)

Log in to https://portal.azure.com, then select the "Enterprise applications" menu.

Proceed with "New application".

Then select "Create your own application".

Enter your application's name as follows and select "Create".

Proceed with the "Set up single sign on" option.

Then select "SAML".

Navigate to "Basic SAML Configuration" and click on "Edit".

Open the domain configuration in StoriesOnBoard as shown in Step 3, then copy the following information and paste it into Azure:

  • EntityID

  • Login URL (ACS)

  • Logout URL (SLO)

Then save your settings.

Then download "Federation Metadata XML".

Now you can visit "Users and Groups" and assign users to your application.

Go back to the domain configuration in StoriesOnBoard and select "SSO settings". Enable SAML 2.0 Single Sign On.

Fill in the following information:

Then paste the content of the "Federation Metadata XML" into the "Identity Provider MetaData" field and "Save" your settings.

Now you can take advantage of the SSO connection via EntraID (Azure AD).

