Single sign-on (SSO) allows users to log in to Klaxoon using their Microsoft Entra ID. Here's a detailed guide to setting up SSO.
Prerequisites
Microsoft Entra ID administrator account with sufficient roles (Application Administrator, Cloud Application Administrator or Owner)
The single sign-on option must be enabled in your Klaxoon subscription
A configuration session will be scheduled with Klaxoon technical teams
Configuration
1. Add Klaxoon to Microsoft Entra ID
Log in to the Microsoft Azure portal with an administrator account.
Go to Identity>Applications>Enterprise applications>New application
Search for Klaxoon SAML in the application gallery, then click on Create to create the application.
Select Configure single sign-on.
2. Configure single sign-on (SSO)
Select SAML as authentication method.
Complete the basic SAML configuration:
Identifier (Entity ID): Enter the specific URL provided by Klaxoon.
Reply URL (Consumer Assertion Service URL): Copy the URL provided by Klaxoon.
Attributes to be included in the SAML callback frame :
Last name (“familyName”)
First name (“givenName”)
Email (“emailAddress”)
NameID format:
Persistent
In the SAML signature certificate section, search for XML federation metadata and select Download to download the certificate and save it on your computer.
3. Assign users or groups
In Microsoft Entra, go to Identity>Users>All users.
Click on Add user/group, then select the users or groups you wish to access Klaxoon.
4. Configuring and testing settings
A configuration session should be scheduled with Klaxoon technical staff. You will need to transmit the metadata file downloaded earlier (see point 2.3). Authentication tests will then be carried out (pre-production and/or production phase). At the end of these tests, SSO will be functional.
If you'd like to find out more about SSO, take a look at the resources available at this link.