The following is a generic guide for setting up SSO through Azure AD as a SAML application. Your exact setup may differ depending on your version of Okta and desired setup.

SAML application setup

Gr4vy supports various configurations for Azure. The following is an example of an Azure setup.

  1. Log into your Azure dashboard
  2. Head over to Microsoft Entra ID -> Add -> Enterprise Application
  3. Enter a name for the new application. The name must match the name of the connection we create in our configuration, so we recommend using the following names. If you choose a different identifier, it must be reflected in all the configuration below. Here, gr4vy_id is the name of your instance.
    • Sandbox: {gr4vy_id}-sandbox-saml
    • Production: {gr4vy_id}-production-saml
  4. Select the non-gallery option for the application type and select Create
  5. Select Single sign-on in the left menu
  6. Select SAML for the SSO method
  7. Edit the Basic SAML Configuration
    • Set the identifier
      • Sandbox: urn:auth0:gr4vy:{gr4vy_id}-sandbox-saml
      • Production: urn:auth0:gr4vy:{gr4vy_id}-production-saml
    • Set the Reply URL
      • Sandbox:{gr4vy_id}-sandbox-saml&organization={gr4vy_id}
      • Production:{gr4vy_id}-production-saml&organization={gr4vy_id}
  8. Click Save
  9. Download the Base64 Certificate from the SAML Signing Certificate box
  10. Copy the Login URL
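
A pre-flight check for the values entered in steps 3 and 7, added here as an example and not part of Gr4vy's documentation or tooling. The function names, the `entered` dictionary and the instance name `acme` are assumptions, and only the tail of the Reply URL is checked because that is all this guide shows.

```python
PREFIX = "urn:auth0:gr4vy:"  # identifier prefix from step 7
ENVIRONMENTS = ("sandbox", "production")


def expected_values(gr4vy_id, environment, connection=None):
    """Values the guide prescribes; `connection` overrides the recommended name."""
    if environment not in ENVIRONMENTS:
        raise ValueError(f"environment must be one of {ENVIRONMENTS}")
    name = connection or f"{gr4vy_id}-{environment}-saml"
    return {
        "app_name": name,
        "identifier": PREFIX + name,
        # Only the tail of the Reply URL appears in the guide, so only that is checked.
        "reply_url_tail": f"{name}&organization={gr4vy_id}",
    }


def check_azure_values(gr4vy_id, environment, entered, connection=None):
    """Return a list of mismatches; an empty list means the fields agree."""
    want = expected_values(gr4vy_id, environment, connection)
    problems = []
    for field in ("app_name", "identifier", "reply_url"):
        value = entered.get(field, "")
        if not value:
            problems.append(f"{field}: missing")
        elif value != value.strip():
            problems.append(f"{field}: leading or trailing whitespace")
        elif "{" in value or "}" in value:
            problems.append(f"{field}: placeholder was not replaced")
    if problems:
        return problems
    # Exact, case-sensitive comparison: a near match is still reported.
    if entered["app_name"] != want["app_name"]:
        problems.append(f"app_name: expected {want['app_name']}")
    if entered["identifier"] != want["identifier"]:
        problems.append(f"identifier: expected {want['identifier']}")
    if not entered["reply_url"].endswith(want["reply_url_tail"]):
        problems.append(f"reply_url: expected to end with {want['reply_url_tail']}")
    return problems


if __name__ == "__main__":
    # Constructed sample: "acme" is a made-up instance name, and the Reply URL
    # prefix is a placeholder because the guide shows only the tail.
    entered = {
        "app_name": "acme-sandbox-saml",
        "identifier": "urn:auth0:gr4vy:acme-production-saml",  # wrong environment
        "reply_url": "<reply-url-prefix>acme-sandbox-saml&organization=acme",
    }
    for line in check_azure_values("acme", "sandbox", entered):
        print(line)
```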

Users access

Once an application is set up, it’s important to make sure the right users have access to it. Access can be configured on the user profile, through a group, or through app properties. Whichever method is used, it’s important to apply the following profile properties to the intended users.

Detailed instructions for Azure pending.