Skip to main content
All CollectionsSingle Sign-On (SSO)
Enabling SSO Using Microsoft Entra
Enabling SSO Using Microsoft Entra

Set up single sign-on using Microsoft Entra (formerly Microsoft Azure).

Updated over 7 months ago

Step 1: Create a New Productive Application in Entra

  1. Go to Enterprise Applications and click on New Application.

  2. Search for Productive, click on the Productive tile, and then click Create.

Step 2: Check User Information for Automatic Provisioning

Ensure all your users have their first and last names set up.

  1. Navigate to Users > All users and verify that each user has their first and last name assigned.

  2. If not, click on the Edit button, go to the Identity tab, enter the user's first and last names, and click Save.

Step 3: Assign Users to the Application

To allow users to log in via Entra SSO, assign them to the newly created application.

  1. Select your application, navigate to Users and Groups, and click on Add user/group.

  2. Select all the users you want to allow to sign in via Entra SSO, click on Select, and then click on Assign to finalize the selection.

Step 4: Copy SSO Data from Productive to Entra

  1. Navigate to Single sign-on and choose SAML as the single sign-on method.

  2. Click the Edit button in the Basic SAML Configuration section.

  3. Go to Productive Single Sign-On settings and copy the Audience URI value.

  4. Return to Entra and paste the value into the Identifier (Entity ID) field. Delete any other entries and mark this one as default.

  5. Go back to Productive settings and copy the Single sign-on URL.

  6. Return to Entra, paste it into the Reply URL (Assertion Consumer Service URL), and click Save.

Step 5: Copy SSO Data from Entra to Productive

  1. Under SAML Certificates, copy the App Federation Metadata URL.

  2. Go to Productive SSO settings and paste it into the Metadata URL field.

  3. Return to Entra and copy the Login URL.

  4. Go to Productive SSO settings and paste it into the Identity Provider Single Sign-on URL.

  5. Click on Enable SSO.

Step 6: Set Up Attributes for Provisioning in Entra

  1. Click on Edit in the Attributes & Claims section.

  2. Click on the required claim.

    • Click on Source Attribute and select "user.mail" from the dropdown. Click Save.

  3. In the Additional Claims section:

    • Click on the item with the value "user.givenname". Set the Name as first_name, and remove the value from Namespace. Click Save.

    • Click on the item with the value "user.surname". Set the Name as last_name, and remove the value from Namespace. Click Save.

Step 7: Test SSO

  1. Return to your Entra Productive application, click Single sign-on, and then click Test at the bottom.

  2. Click on Test sign in.

  3. Alternatively, go to the Productive login screen and click Use single sign-on (SSO) to test the setup.

Did this answer your question?