Configuring SSO with Azure

warning

Before performing SSO configuration, make sure that the value of the domain parameter in the config.ini configuration file is the current domain name of the Passwork server.

This is necessary so that IDP can download the https://<your-passwork>/sso/metadata file from your server. Your server must be configured to run over HTTPS protocol.

Example parameter in config.ini: domain = https://passwork.example.com

Go to Enterprise applications section on Azure portal and click New application.

Then click Create your own application:

Enter a name for your application:

Open the app you created, select the Single sign-on option and choose the SAML method.

Then click Edit in Basic SAML Configuration block:

Go to Passwork account settings, open SSO settings and toggle SSO on:

Copy and paste the following fields from Passwork into Azure's Basic SAML Configuration dialog and save the changes:

Download the base64-format SAML certificate and paste it into the corresponding Passwork field:

Copy and paste the following lines into corresponding fields in Passwork:

Save the changes in Passwork, then add a user into the Azure app you created.

Test SSO by clicking SSO Login on Passwork's authorization screen:

---