Azure Active Directory (Azure AD) is Microsoft's cloud-based directory and identity management service that you can integrate with Split's SAML 2.0 API to allow users to log into Split using their single sign-on (SSO) credentials. Learn more about configuring SAML in Split.
Create SSO app
- Navigate to manage.windowsazure.com.
- Click Active Directory in the left navigation panel (you may need to scroll down).
- Select the directory to use for SSO.
- Select the Applications section along the top navigation bar.
- Click Add at the bottom of the screen.
- Select Add an application from the gallery.
- Select Custom > Add an unlisted application my organization is using.
- Type in a name (for example, Split) as the application name, and then click the checkmark at the bottom of the screen.
- After the application is created, select Configure single sign-on.
- Select Microsoft Azure AD Single Sign-On. Click the next arrow at the bottom of the page.
- Enter placeholder URLs. These will be replaced in later steps. Click the next arrow.
- Click Download Metadata (XML), then check the box confirming that you have configured SSO. Click the next arrow.
- Type in an email address to use for maintenance issue notifications.
If you are a Split administrator, you can configure SAML in Admin Settings.
- Go to Admin Settings > Security > SAML.
- Add the IdP metadata downloaded from Azure in Step 12 above.
- Enable/disable SAML Strict Mode.
- Enable/disable Just-in-Time User Provisioning.
- Click Save.
When you save these changes, you can view the summary of the SAML configuration parameters.
- Copy the Assertion Consumer Service URL to use in the Add SAML settings procedure.
Add SAML settings
You already completed each of the steps in the Create SSO app procedure above, so in these steps, just go back through the screens to input additional information.
- Go back to Azure and resume the configuration process (Applications > Configure single sign-on).
- Go to step 2 to configure app settings.
- Paste in the Assertion Consumer Service URL from Split. Populate the URL in both the Identifier and Reply URL fields.
- Click through each step to the end.
Split is now linked with Azure.