How To Set Up SSO SAML in Azure AD

Below are the steps your Azure AD Administrator can use to set up SSO to log into Tripleseat with an Azure AD login:

Log into Azure AD and click on the Menu button if the menu is not showing:
mceclip1.png

Then click on Azure Active Directory:

mceclip2.png

On the Active Directory screen choose Enterprise Applications:
mceclip3.png

Choose New application:

mceclip4.png

Choose Non-gallery application on the next screen:
mceclip0.png

Type Tripleseat in the Name field:
mceclip1.png

Choose Set up single sign on:

mceclip2.png

Click the SAML option:

mceclip3.png

Click the pencil in the Basic SAML Configuration box:

mceclip4.png

Fill in the top 3 fields with the following and then hit Save at the top of the screen, the rest can stay blank:

Identifier: https://login.tripleseat.com/saml_metadata
Reply URL: https://login.tripleseat.com/saml_acs
Sign on URL: https://login.tripleseat.com

mceclip5.png

Next we will be filing out information to connect Tripleseat with your Azure AD account. Log into Tripleseat in a new browser tab or window as you will be copying and pasting multiple items between both systems.

In Tripleseat click on Settings, click on Preferences and then click on User Authentication. Check Enable Connection in the SAML Settings area.

In the IDP Display Title type in Azure, click the copy button next to Azure AD Identifier and paste the URL in Issuer URL in Tripleseat. Click the copy button next to Login URL in Azure and paste that URL in SAML 2.0 Endpoint URL in Tripleseat.

In the SAML Signing Certificate area in Azure, press Download next to Certificate (Base64), open the file in TextEdit (Mac), Notepad (Win) or any other plain text editor. Copy the full text from the certificate and paste it into the IDP Certificate in Tripleseat.

If you want to only allow Tripleseat users to log in with only Azure AD credentials, click Required for all users. If this is not checked, they can log in with either Tripleseat or Azure credentials. We recommend keeping this unchecked until you've tested SSO successfully with your users. Click Update to save in Tripleseat:

mceclip6.png

Go back to the Azure AD tab in your browser and click on Users and Groups:

mceclip7.png

Click on Add User:

mceclip9.png

On the following screen choose Users, then select the users on the right hand that need access to Tripleseat and then click Select. Please note the email addresses for these users need to match the email addresses they use for their Tripleseat login:

mceclip10.png

You will see an overview of how many users are being assigned, click Assign at the bottom of this page:

mceclip11.png

You are now set up for SSO. Go back to the Tripleseat tab, log out of Tripleseat (bottom left button) and you will now see the option to log into Tripleseat using your Azure AD credentials:

mceclip12.png

 

 

Have more questions? Submit a request

Comments