Azure AD - SSO Configuration

This feature is currently in beta, please reach out to your account manager or our support team in order to enable this feature.

Configuring LinearB to connect with Azure SSO consists of 2 main parts:

  1. Create and setup Enterprise Application in Azure AD
  2. Setup SSO integration in LinearB

Prerequisites

In order to successfully configure Azure SSO with LinearB, the user configuring the applciations will need admin permissions to both applications.

  • Azure AD Admin privileges
  • LinearB Admin privileges

We recommend having both applications open in your browser tabs.

Create New Enterprise Application in Azure AD

Go to your Azure portal and sign in using your admin credentials. Browse to Azure Active Directory > Enterprise applications.

Creating the Enterprise Application:

Click on "Create your own Application"

Name the application (we recommend "LinearB") and make sure to select the option to "Integrate any other application you don't find in the gallery (Non-gallery)”. Then click on “create

Configure The Enterprise Application

Complete the following steps to configure your application.

Assign Users To The Enterprise Application

Click on "assign users and groups" to add your relevant users and groups who will have access to LinearB.

The email address for the LinearB user account that will set up the SSO connection in LinearB must be included as a user in your SSO application.
Configure Owner for the Enterprise Application

Make sure that the LinearB user that will be logging into LinearB to set up the SSO connection in LinearB is included.

The email address for the LinearB user account that will set up the SSO connection in LinearB must be an owner of your SSO application.
Configure Single Sign-on Settings

Click on the "Single Sign-On" link, and select SAML

Click on edit:

  • Paste the Azure AD identifier in the Identifier (Entity ID) input
  • Go to the LinearB application -> Settings -> Single Sign On, switch on “SAML Authentication” and copy the Callback URL value.
  • Paste the callback url from the LinearB SSO configuration into the Reply URL input

Click Save

Setup SSO Integration in LinearB

Go to Linearb application -> Settings -> Single Sign On. Add in the below information.

Provider single sign-on URL

We would like to explicitly tell Azure which application it should reference. To do so we will need to add the Azure appliction ID to “Azure  Login URL” the Application Id of LinearB. The URL should now look like:

https://login.microsoftonline.com/<AZURE_TENANT_ID>/saml2/<APPLICATION_ID>

In order to get the “APPLICATION_ID” Go to application “Properties” in your Aaure SSO application and copy the application ID:

Paste the Login URL+Application ID from Azure into the Provider single sign-on URL field.

Provider issuer

Copy Azure AD Identifier from your Azure SSO application and paste it into Provider issuer field.

Certificate

Download the certificate from your Azure SSO application in Base64 format. Paste the certificate content into the Certificate input. Make sure to include the BEGIN and END delimiters.

-----BEGIN CERTIFICATE-----

XXX certificate goes here XXX

XXXXX and here too XXXXXXXXXX

-----END CERTIFICATE-----

Once these three fields have been filled, CLICK SAVE. LinearB will run a test connection and if it successfully connects, you should see the below screen.


How did we do?


Powered by HelpDocs (opens in a new tab)