Overview: This article provides a walkthrough for configuration Azure AD as an identity provider for Tenfold single sign-on.
1. In Azure AD Admin console navigate to Azure Active Directory and then Enterprise Applications
2. Select All Applications and then New Application
3. Select Non-Gallery Application. Type in name of the application (E.g. Tenfold) and press Add.
4. Click on Single Sign-On and then select SAML.
5. In the Basic SAML Configuration section click on the edit (Pencil) icon.
6. Enter the Reply URL and Entity ID then click Save.
Reply (Assertion Consumer URL):
Identifier (Entity ID):
7. In the User Attribute & Claims section click on the edit (Pencil) icon.
8. Click on the edit (Pencil) icon next to Name Identifier Value. In Source Attribute select user.mail from the drop-down and press Save.
9. In the SAML Signing Certification section click on download next to Federation Metadata XML
10. Go back to the Add an Application section, select Users & Groups and press Add.
11. Click on Users & Groups, click on the users that are to user Azure SSO with Tenfold, then press Select and then Assign.
12. In the Tenfold dashboard, navigate to the Single Sign-On feature configuration page. Set the Domain to the value which you want your users to enter when logging in to Tenfold (E.g.
acme-org ), click on Upload file and select the Federation Metadata XML file which was downloaded in step #9. Click Save at the bottom of the page.
13. You are ready to use Azure AD to authenticate to Tenfold. The below gif demonstrates the login flow with the Azure after using Microsoft multi-factor authentication: