Office 365 / Azure SAML Authentication

 Make sure the staff configured within HelpSpot have a username setup matching their Office365 email addresses in their HelpSpot staff profiles.

Office365 Setup

  1. Go to https://aad.portal.azure.com and click on enterprise applications.
  2. We'll create a "non-gallery" application.
    1. Select "New Application"
    2. Select "Create your own application"
    3. Give the application a name, and keep the default option "Integrate any other application you don't find in the gallery"
  3. After the app is created:
    1. Select single sign on and then choose SAML for the sign on type.
    2. Edit step 1 "Basic SAML Configuration" and enter an Identifier (Entity ID) found in HelpSpot Admin > Settings > Authentication > SAML2.0.
    3. Enter the Reply URL (Assertion Consumer Service URL) (also know as ASC URL) that is found in HelpSpot Admin > Settings > Authentication > SAML2.0
    4. Save your settings
  4. Still within the application settings, head to Users and group and choose Add User to add users or role who may authenticate into HelpSpot

HelpSpot Setup

  1. After completing the above, and saving the settings, step 3 on the SAML setup page should update with more information.
    1. Download the Federation Metadata XML file. In this file, you will find the <X509Certificate> tag. Copy the value that is between the <X509Certificate> and </X509Certificate> tags. Paste this value into Certificate field in HelpSpot Admin > Settings > Authentication > SAML2.0.
  2. Move down to step 4 is the azure SAML setup page and copy the Login URL to the Login URL (SSO) in the HelpSpot SAML setup page.
  3. Copy the Logout URL to the Logout URL (SLO) in the HelpSpot SAML setup page.
  4. Copy the Azure AD Identifier to the Entity ID in the HelpSpot SAML setup page
  5. Save your settings in HelpSpot and then head back to the Azure SAML setup page and validate your single sign-on with SAML
 

Knowledge Tags

SAML  / 

This page was: Helpful | Not Helpful