All Collections
Enable SSO Using Microsoft Azure
Enable SSO Using Microsoft Azure

Set up single sign-on using Microsoft Azure

Mihovil Nakic avatar
Written by Mihovil Nakic
Updated over a week ago

Step 1 - Copy data from Productive to Azure

To set up SSO in Microsoft Azure, go to your Azure account and select SAML from the Single sign-on Settings:

Edit the Basic SAML Configuration:

Go into your Productive settings and from Settings - SSO copy Audience URI:

Go back to Azure and paste the URI, set it as default by ticking the checkbox, and delete the first row.

If an editable box does not appear, refresh the page and try again.

Go back to Productive and copy the Single sign-on URL:

Paste the Single sign-on URL under Reply URL and click on Save:

Step 2 - Copy data from Azure to Productive

Under SAML Signing Certificate copy the App Federation Metadata URL:

And paste it under Metadata URL in Productive settings (Settings - SSO):

Go back to Azure and copy the Login URL:

Paste the Login URL from Azure into Productive under Identity Provider Single Sign-on URL:

Step 3 - Add User in Users and Groups

Next, go to User Attributes & Claims and click on Edit:

In case the Claim Value cannot be updated, we need to check for and create a user.

Go back to the previous menu, select Users and groups and click on Add workgroup:

Click on Users - none assigned and select your account from the dropdown field on the right. Click on select in the bottom right and the status will update showing 1 user selected.

Confirm changes by selecting Assign:

Step 4 - Update Claim Value

Go back to User attributes & claims and click on Value again.
This time, another window will open where you can update the user claim.


Change the Source attribute. Instead of user.userprincipalname (or any other default items), select user.mail from the dropdown menu.

Once the attribute has been updated, Save changes.

The Value should now appear like this after receiving a notification that the changes have been successfully saved.

Make sure that in the main menu User Attributes & Claims are listed as following:

Step 5 - Enable and Test SSO

With all the URLs inserted, click on Enable SSO. You will receive a notification saying Single Sign-on has been enabled.

Now go back into Azure and select Test to test the single sign-on application you have created for Productive.

Select Sign in as current user and you will be automatically logged in to Productive!

Did this answer your question?