How to Set Up SSO with Azure

TABLE OF CONTENTS

Simple Steps to Set Up SSO with Azure


1. Open the Configurations tab on your left, go to the SSO Settings tab, and move the switch to On.

2. Please skip steps 3-5 if you have already set up the tenet or created the enterprise application, and added users.

3. Open your account in Azure, choose an existing tenet, or add a new one.

4. Create your own enterprise application or choose an existing one in your tenet.




5. Open your tenet, go to Manage —> Users, and Invite a new one:
  • Enter a valid email from Precoro.

  • Add this user to your Enterprise Applications.

6. Set up your SSO in the application. Go to Manage (from your Enterprise Applications) —> Single Sign-On —> choose the SAML method.



7. Fill out Step 1 (Basic SAML Configuration). The data in Azure needs to match your data from the SSO Settings  tab in Precoro:

  • Entity ID —> Identifier (Entity ID).
  • ACS —> Reply URL (ACS URL).
  • Single Logout Response Endpoint —> Logout URL.

8. Download Federation Metadata XML from Step 3 (SAML Signing Certificate) and upload it to Step 4 in the SSO Settings tab in Precoro.




9. Copy Azure AD Identifier from Step 4 (Set Up) and paste it to Step 3 (Identity Provider Issuer) in Precoro SSO Settings.


How to Set Up SSO for Several Companies within One Account


In Precoro’s Step 3 Identity Provider Issuer, you can input the same data for several companies under one account. To do that, make sure you have:


1. Created application in Azure.

2. Added necessary users to the application.

3. Updated settings for all Precoro companies.

Please note that you can only work with one application within one account.


Once you have completed the steps above, you will have one setting for all the accounts in a company and could utilize it in different companies within one account.

How to Invite New Users to Precoro if the SSO is Enabled

 

  • You can still invite users to your Precoro company account from the User Management tab. But first, this user must be added to your user list in Azure.
  • A new user will be redirected to the Company Login page from the invitation email.

If you have any questions, do not hesitate to contact us via online chat.