Instructions for Azure (Active Directory) SAML 2.0 Single Sign On Setup

This article is an overview of the steps required to integrate ContractSafe with Active Directory hosted on Azure.  In order to set this up, you must have Admin or Account Manager access on ContractSafe and also Admin access on Azure.

1. In ContractSafe Settings, under Security & Integrations, turn on SSO and generate the ContractSafe Saml2 Single Sign On URL url.

2.   In Azure, Add a Non-Gallery application:

3.  Use the ContractSafe Saml2 URLs to configure the Identifier and Reply URL in SSO settings in Azure:

4.  In Azure, add an Attribute and enter the name as email and set the value to user.mail: 

5.  In ContractSafe Settings, under Security & Integrations, enter the word email in the Email Identifier field.

6.  Download the metadata.xml and upload to ContractSafe

7.  Add AD users to ContractSafe if needed.

8.   Add user to new Azure App and test.