SAML SSO Setup for Microsoft Azure Active Directory
Allow your users to login to Localize using Microsoft Azure Active Directory as the Identity Provider
With SAML SSO for Microsoft Azure Active Directory, your users will be able to login with their Microsoft login, simplifying and securing their login to the Localize dashboard.
Click here for a general overview of the SAML SSO setup and login processes.
Setting up SAML SSO
The setup is similar for different IdPs. Below we provide the detailed steps for setting up a SAML SSO application using Microsoft Azure Active Directory.
Step 1: Enable SAML SSO in Localize
First you'll need to enable the use of SAML SSO across your Localize Organization.
- Navigate to the Settings page under the Manage Organization menu item.
- Check the box next to Enable SAML SSO
This will display important information for Localize as the Service Provider (SP). You'll use this info later in the process.
Step 2: Create your SAML Application in Microsoft Azure Active Directory
Next you'll need to use the information provided by Localize in the SSO Settings panel to create and set up your SAML application in Microsoft Azure Active Directory.
- Open a new browser tab and login to Microsoft Azure
- Click the Manage Azure Active Directory option
- Click Create a tenant
a. By default Azure Active Directory will be selected - Click Next configuration
- Enter Organization name and Initial domain name
- Click Next
a. A Validation Passed message will appear on the final screen. - Click Create.
a. It will take a few minutes to create the tenant. - In the side menu of the tenant you just created, click Enterprise application.
- Click + New application near the top of the screen.
- Select the Non-gallery application option
- Type a name for the application and click Add
- In the screen that appears, select the Set up single sign on option
- Select SAML
- Click Edit in the Basic SAML Configuration panel.
- In the Basic SAML Configuration popup, enter the following information by copying-and-pasting from the Localize tab.
| Field | Value | Description |
|---|---|---|
| Identifier (Entity ID) | Localize-SSO | The unique Localize SP entity ID. |
| ACS URL | (Copy and paste from the Localize settings page) | The Localize endpoint that's responsible for receiving and parsing your SAML assertion. |
| Sign on URL | https://app.localizejs.com | The URL at Localize that starts the SAML login process. |
- Click Edit in the User Attributes & Claims panel.
- Choose Name ID as the Claim name and user.email for Value
- Click Save. Remove or keep other additional claims.
- Click the Download button for the Federation Metadata XML in the SAML Signing Certificate panel and name it metadata.xml.
- Copy the Login URL from the Set up {Application_Name} panel.
Step 3: Enter the IdP Details in Localize
- Switch to the Localize browser tab
- Paste the Login URL endpoint into the IdP URL field.
- Open the metadata.xml file that you downloaded, copy the contents, and paste them into the Metadata text box.
- Click Save
Step 4: Finish your SAML App Setup
- Switch back to the Microsoft Azure browser tab.
- Click Users and groups in the side menu.
- Click + Add user near the top of the screen.
- Select and assign all relevant users.
a. Make sure that the email addresses your users use to sign in to Localize match the email addresses they use to sign into Microsoft Azure.
Updated over 2 years ago