Set Up Azure SSO/SAML Integration

This topic will walk you through how to set up Azure SSO/SAML integration in Ironclad. 

Disclaimer: If you change your domain, your access to Ironclad is prohibited. Contact Support (support@ironcladhq.com) for assistance before migrating a domain.

​​​

Set Up Azure in Ironclad

1. In your Microsoft Azure portal, click the menu located in the top left, and then click Azure Active Directory > Enterprise applications.
2. Click New application.
3. Select Non-gallery application, and for the Name field, enter Ironclad.
4. In the left panel, click Manage > Single sign-on. Select SAML.
5. Set up a basic SAML configuration. To do this:
   1. Next to the Basic SAML Configuration section, click the pencil icon. A panel displays on the right side of the screen.
   2. In the Identifier field, enter ironcladapp.com.
   3. In the Reply URL field, enter the Callback URL found on your Ironclad SAML Integrations page.
6. Configure the User Attributes & Claims. To do this:
   1. Next to the User Attributes & Claims section, click the pencil icon. A panel displays on the right side of the screen.
      1. In the Additional Claims section, enter the following (case sensitive):
         1. In the Claim name field, enter email. In the Value field, enter user.mail.
         2. In the Claim name field, enter firstName. In the Value field, enter user.givenname.
         3. In the Claim name field, enter lastName. In the Value field, enter user.surname.
      2. Verify the namespace URL field is blank.
7. Configure the SAML Signing Certificate. To do this:
   1. ​​​​​​​In the SAML Signing Certificate section, locate Federation Metadata XML and click Download. A file named “Ironclad.xml” is downloaded.
   2. On the Ironclad SAML Integrations page, under IdP Configuration XML, click Upload. Upload the Federation Metadata XML file from Azure.
   3. Click Save.
8. The configuration is complete. You can use the Azure Active Directory to add individual users and groups to Ironclad.

Assign Individual Users to the Ironclad App in Azure

1. In your Microsoft Azure portal, click the menu located in the top left, and then click Azure Active Directory > Enterprise applications > All Applications.
2. Search for the Ironclad application you created.
3. Click Assign users and groups, and then click Add user.
4. Click None Selected.
5. In the list of users, select the users that you want to add to the Ironclad application.
6. Click Select, and then click Assign. Once you receive a confirmation, your users are added to Ironclad.

Assign Groups to the Ironclad App in Azure 

1. In your Microsoft Azure portal, click the menu located in the top left, and then click Azure Active Directory > Enterprise applications > All Applications.
2. Search for the Ironclad application you created.
3. Click Assign users and groups, and then click Add user.
4. Click None Selected.
5. In the list of groups, select the groups that you want to add to the Ironclad application.
6. Click Select, and then click Assign. Once you receive a confirmation, the users in that group can log in to myapps.microsoft.com and have access to the Ironclad application.