Azure Active Directory

Using Azure Active Directory as Sign-in for Blissfully

Setting up SSO

This guide requires a user who is both an admin of Azure Active Directory, as well as an admin of Blissfully.

To kick this off, we'll begin Azure's admin area.

Create New Application

Sign in to the Azure Active Directory portal using your Microsoft identity platform administrator account.

Select Enterprise Applications > New application.

Select Create your own application. The Create your own application page appears.

Under What are you looking to do with your application? choose Integrate any other application you don't find in the gallery.

Select Create. The application Overview page opens.

Configure the Application

Select Properties to open the properties pane for editing.

Set the following options to determine how users who are assigned or unassigned to the application can sign into the application and if a user can see the application in the access panel.

Enabled for users to sign-in determines whether users assigned to the application can sign in - set this to Yes

User assignment required determines whether users who aren't assigned to the application can sign in - set this to No

Visible to user determines whether users assigned to an app can see it in the access panel and O365 launches - set this to Yes

Add the Blissfully logo to help identify the application.

Configure the Application for SAML SSO

Select Single sign-on to begin configuration.

Select SAML. The Set up Single Sign-On with SAML

Select the Edit icon (a pencil) in the upper-right corner of the Basic SAML Configuration section.

Enter in the Identifier (Entity ID) provided by Blissfully's Configure SSO page.

Enter the Reply URL provided by Blissfully's Configure SSO page.

Go to the SAML Signing Certificate section.

Download the certificate, selecting the Federation Metadata XML format.

Configure Blissfully SSO

On Blissfully's Configure SSO page, upload the Metadata XML file and submit to complete the setup. You can now optionally choose to enforce an SSO only based login scheme for your account.