Folio supports Single Sign On with Microsoft Entra ID. You will need to configure both Microsoft Entra and Folio.
Folio also allows you to have multiple Single Sign On IdPs, meaning you could have two Microsoft Entra logins, or one Microsoft Entra login button and one Okta login button.
Here are the instructions on how to set up Single Sign On with Microsoft Entra.
Set up in Microsoft Azure
To enable Provisioning with Entra ID you will first need to set up Folio in Enterprise Applications.
- In Azure Portal click on Microsoft Entra ID
- Click on Enterprise Applications under Manage
- Click on New Application
- Click on ‘Create your own application’
- Use the following to set up the new app
| What's the name of your app | Folio |
| What are you looking to do with your application | Integrate any other application you don’t find in the gallery (Non-gallery) |
  Click Create at the bottom to create the app
- On the sidebar click on Single sign-on under Manage
- Click on SAML
- In the Basic SAML Configuration box click on Edit
- Click on Add identifier under Identifier (Entity ID)
  Enter your Folio production URL into the field and tick Default
- Click on Add reply URL under Reply URL
- Then enter your production URL as shown below. This one should be marked as default
  https://{{$fol_name}}.foliogrc.com/d/users/auth/saml/callback
  Note: If you want to use Single Sign On in your sandbox, you can click Add reply URL again and add the sandbox URL below
  https://{{$fol_name}}.sandbox.usefolio.com/d/users/auth/saml/callback
- Click Save at the top of the Basic SAML Configuration screen.
  Then click close with the X on the right of the screen
To make the setup easier, we recommend you copy this table into a Word document, replacing folio_name in the first three rows with your URL (these are the values you have already filled in). The last two rows are URLs you will copy out of Entra into the document, to be filled into Folio later.
| Issuer / Identifier (Entity ID) | https://{{$folio_name}}.foliogrc.com |
| Reply URL (Assertion Consumer Service URL) | https://{{$folio_name}}.foliogrc.com/d/users/auth/saml/callback |
| | https://{{$folio_name}}.sandbox.usefolio.com/d/users/auth/saml/callback |
| App Federation Metadata URL | STEP 15 |
| Login URL | STEP 16 |
- In the ‘SAML Certificates’ section, copy ‘App Federation Metadata Url’ into the reference table above
- In the ‘Set up Folio’ section, copy ‘Login URL’ into the reference table above
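The values in the reference table can be cross-checked before they are entered in Folio. The Python below is an added example, not part of Folio's or Microsoft's documentation: it parses a SAML federation metadata document, confirms the copied Login URL is one the IdP actually publishes, and checks the Issuer and Reply URLs against the shapes shown in the table. The function names are hypothetical, and the metadata sample, the all-zero tenant ID and the `example` tenant name used to exercise it are constructed.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
CALLBACK_PATH = "/d/users/auth/saml/callback"  # path of the Reply URLs on this page
TENANT = "00000000-0000-0000-0000-000000000000"  # placeholder tenant ID
LOGIN_URL = f"https://login.microsoftonline.com/{TENANT}/saml2"
CERT_B64 = base64.b64encode(b"constructed, not a real certificate").decode()
# Constructed sample (not real tenant data) of an App Federation Metadata document.
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="{NS['md']}"
    entityID="https://sts.windows.net/{TENANT}/">
 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="signing"><KeyInfo xmlns="{NS['ds']}"><X509Data>
   <X509Certificate>{CERT_B64}</X509Certificate></X509Data></KeyInfo></KeyDescriptor>
  <SingleSignOnService Location="{LOGIN_URL}"
    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
 </IDPSSODescriptor></EntityDescriptor>"""

def parse_idp_metadata(xml_text):
    """Return the SSO URLs and signing-cert SHA-256 fingerprints in the metadata."""
    idp = ET.fromstring(xml_text).find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("metadata has no IDPSSODescriptor")
    sso = {e.get("Location") for e in idp.findall("md:SingleSignOnService", NS)}
    certs = idp.findall("md:KeyDescriptor[@use='signing']//ds:X509Certificate", NS)
    return sso, [hashlib.sha256(base64.b64decode("".join(c.text.split()))).hexdigest()
                 for c in certs]

def check_reference_table(issuer, reply_urls, login_url, metadata_xml):
    """Return the problems found in the values copied into the reference table."""
    sso_urls, fingerprints = parse_idp_metadata(metadata_xml)
    problems = []
    if login_url not in sso_urls:
        problems.append("Login URL is not a SingleSignOnService in the metadata")
    if not fingerprints:
        problems.append("metadata has no signing certificate")
    iss = urlsplit(issuer)
    if iss.scheme != "https":
        problems.append("Issuer is not https")
    for url in reply_urls:
        u = urlsplit(url)
        if u.scheme != "https" or u.path != CALLBACK_PATH or u.query or u.fragment:
            problems.append(f"unexpected Reply URL: {url}")
    if reply_urls and urlsplit(reply_urls[0]).hostname != iss.hostname:
        problems.append("default Reply URL host differs from the Issuer host")
    return problems
```

For a real check, pass the XML downloaded from your App Federation Metadata URL in place of `SAMPLE_METADATA`, with the default Reply URL first in the list.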
Set up in Folio
- Now open Folio and go to the admin screen
- Click on Sign On and Security on the admin screen
- Then click Edit
- Check ‘Single Sign On through SAML’ and fill in the fields below based on the reference table you copied
| Folio Field | Reference Table Row |
| Name | The Name field is what the button will appear as on your login screen, so with the below screenshot the login button would say Sign In Using Azure |
| Issuer | Issuer/ Identifier(Entity ID) - https://{{$folio_name}}.foliogrc.com |
| IDP SSO Target URL | Login URL - From step 16 |
| Federation XML URL | App Federation Metadata URL - From step 15 |
| IDP Certificate SHA1 Fingerprint | Leave this blank |
| ID Claim/Name ID Format | This is auto-filled and should not be edited |
Now when you log into Folio you will see that you can log in using Azure Single Sign On