This step-by-step guide explains how to set up Single Sign-On in TeleRetro with Azure AD as your SAML 2.0 Identity Provider (IDP).
Azure AD is a popular enterprise identity provider from Microsoft. With Azure AD your organization can automatically provision and control access to software from one place.
What you'll need
- TeleRetro Enterprise plan
- One of the following roles in Azure AD: Global Administrator, Cloud Application Administrator, or Application Administrator.
What we'll cover
Configuring Azure AD as a SAML identity provider by completing the following steps:
- Create a new SAML integration in Azure AD
- Complete the SAML connection in TeleRetro
- Test the new connection
1. Create new SAML integration in Azure AD
In this step you will create and configure a new TeleRetro SAML integration in Azure AD.
Create an enterprise application
- In the Azure Active Directory Admin Center, go to
New applications> then search for
Azure AD SAML Toolkit.
TeleRetroas the application name:
- Click Create.
Configure the application
From the Overview page:
Assign the users and groups that you would like to have access to TeleRetro
Set up SAML as the single sign-on method.
Then, select SAML:
See the next section for how to configure single sign-on.
Configuring Single Sign-On
1. Basic SAML Configuration
In this section you will need to update the above using the following:
- Identifier (Entity ID): TeleRetro will provide you with an SP Entity ID to paste into this field.
- Reply URL (Assertion Consumer Service URL): TeleRetro will provide you with an ACS URL to paste into this field.
- Sign on URL: TeleRetro will provide you with an Sign on URL
2. Attributes & Claims
You can use the default settings, it should look like this:
3. SAML Signing Certificate
In this section you will need to copy the App Federation Metadata Url and download the Certificate (Base64). You will need to provide these to TeleRetro in the next step.
2. Complete the SAML connection in TeleRetro
Now that the TeleRetro SAML integration is configured in Azure AD, you can complete the connection in TeleRetro. To do so, provide the App Federation Metadata Url link and Certificate (Base64) that were downloaded in the previous setup to the TeleRetro support team. We will use these to complete the SSO configuration.
With those sent to the TeleRetro team, you can now take a break and wait for us to send you a confirmation once the SSO configuration is complete.
3. Test the new connection
After receiving a confirmation from us that the SSO configuration is complete, you can test the new connection by signing in to TeleRetro using your Azure AD account.
Feel free to contact us as firstname.lastname@example.org in case you have any questions or need help. We're here to help!
Experience a better retro
Create a retro in seconds & see for yourself.