Skip to main content
Skip table of contents

Integration of Single Sign-on (SSO) using SAML

SAML SSO is no longer recommended. We recommend you use SSO setup instead for a better user experience and improved security.

Legacy instructions

Prerequisites

To get started, the following things are needed:

  • An active Microsoft Entra ID subscription

  • An active SoSafe license

  • You must have created an application and assigned users as shown in the SCIM instructions in steps 1 and 2.

Preparation

Before you can set up SSO in your Azure portal, you must provide SoSafe with your Tenant ID.

To find your Tenant ID, goto https://portal.azure.com/ and select Microsoft Entra ID, followed by Properties. You might have to scroll down a bit to find the Tenant ID box.

saml1.png

Setup

Once you’ve completed the preparation phase, the setup is fairly straightforward.

  1. Go to the Azure portal, select Enterprise applications and go to the SoSafe application.

  2. Here, select Manage and then Single Sign-On.

  3. Select SAML as the Single sign-on method.

  4. On the page Set up Single Sign-On with SAML, select Edit. A new dialog will open.

    saml2.jpeg

  1. Below are the URLs that must be entered during the Entra ID setup. Please ensure to replace the placeholder <your Azure Tenant ID> with your actual Tenant ID.

    1. In the Identifier (Entity ID) text box, enter the corresponding URL:
      https://services.sosafe.de/

    2. In the Reply URL (Assertion Consumer Service URL) text box, enter the corresponding URL:
      https://api.sosafe.de/v1/auth/saml/consume

    3. In the Sign on URL text box, enter the corresponding URL. It should look roughly like this:
      https://api.sosafe.de/v1/auth/saml/login/<your Azure Tenant ID>  

    4. In the Logout Url text box, enter the corresponding URL. It should look roughly like this:
      https://api.sosafe.de/v1/auth/saml/logout/<Your Azure Tenant ID>

      saml3.jpeg

  2. Select Save.

  3. (Optional, but recommended:) Send the App Federation Metadata URL (found in section 3) to your SoSafe contact person.

    image-20250102-135416.png

  4. (Optional, but recommended:) Test the setup.

Alternate method

  1. Follow the the first 2 steps in the instructions above.

  2. On the Set up single sign-on with SAML page, scroll to the SAML Signing Certificate section and select Download next to Certificate (Base64).

    image-20240215-091554.png

  3. On the same page, scroll to Set up SoSafe and copy the 3 links provided there (Login URL, Azure Entra ID Identifier and Logout URL).

    image-20240215-091558.png

  4. Send those links alongside the contents of the certificate file from step 2 (you can open the certificate with a text editor) to your SoSafe contact person. They will then add that information to our systems and get back to you once that has happened.

  5. (Optional, but recommended:) Test the setup.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close