All Collections
Teams and Organizations
SAML
Configuring Single Sign-on with Azure AD
Configuring Single Sign-on with Azure AD
Matt Houser avatar
Written by Matt Houser
Updated over a week ago

Use this guide to create and configure your Azure AD SSO account as a single sign-on Identifier Provider (IdP) for your Skeddly account.

Step 1: Download the Skeddly metadata XML file

Download the Skeddly metadata XML file from https://app.skeddly.com/Content/saml/skeddly-metadata.xml

This file will be needed later.

Step 2: Create the Skeddly application in your Azure portal

1. In the Microsoft Azure portal, navigate to the "Azure Active Directory" configuration.

2. Click on "Enterprise Applications" to go to the list of all enterprise application.

3. Click on the "+ New Application" button.

4. Click on the "+ Create your own application" button.

5. Call your new application "Skeddly", and click the blue "Create" button.

6. When your application is created, click on "Single sign-on" on the navigation panel, and choose "SAML" from the choices available.

7. Click on the "Upload metadata file" button, and choose the Skeddly metadata XML file you downloaded earlier.

8. On the "Basic SAML Configuration" dialog that appears, leave everything as-is and click the "Save" button. Close the "Basic SAML Configuration" dialog.

If asked to test your new application, choose "Later".

9. Still on the "SAML-based Sign-on" page, click the "Edit" button on the "User Attributes & Claims" section.

10. In the "Required claim" section, click on "Unique User Identifier (Name ID)".

11. Change the "Source attribute" to "user.mail", then click "Save".

Close the "User Attributes & Claims" dialog.

If asked to test your application, choose "Later".

12. In the "SAML Signing Certificate" section, download the "Federation Metadata XML" file and save for later.

Keep your Azure portal window open, we'll be returning to it later.

Step 3: Create an Identity Provider in Skeddly

Step 4: Configure Your Skeddly Application's Attributes

1. Return to your Skeddly SAML application in the Azure portal window.

2. In the "User Attributes & Claims" section, click the "Edit" button.

3. Click the "+ Add new claim" button.

4. In the "Name" field, put https://skeddly.com/SAML/Attributes/Roles

5. Leave the "Namespace" field blank.

6. In the "Source attribute" field, specify a comma-separated list of the following:

  • One and only one SRN of your Skeddly identity provider (that you created above). This can be copied from your identity provider's "view" page in your Skeddly account.

  • One or more SRNs of Managed Policies to be applied to the user when they are signed-in. These SRNs can be found in the Managed Policies pages in your Skeddly account.

For example, the value for this attribute could be:

srn:skeddly:idp::012345678:my-idp, srn:skeddly:policy:::standard

Note 1: The Azure portal may show your Source attribute value with quotes. Don't enter them yourself.

Note 2: The Azure portal may split https://skeddly.com/SAML/Attributes/Roles between the "Name" and "Namespace" fields, like this:

This is acceptable.

7. Click "Save".

8. Return to the "SAML-based Sign-on" page, and go to the "Users and groups" page.

9. Add yourself as a user.

10. Return to the "Single sign-on" page, scroll to the bottom, and click the blue "Test" button.

11. Click "Sign in as current user".

You should now see the Skeddly dashboard.

12. Add your new Skeddly application to any users that require it. They can launch Skeddly from "My Applications"

Did this answer your question?