All Categories ​ > ​ ​Getting Started ​ > ​     Azure AD - SSO Configuration

Azure AD - SSO Configuration

Updated by Betsy Rogers

Configuring LinearB to connect with Azure SSO consists of 2 main parts:

  1. Create and setup Enterprise Application in Azure AD
  2. Setup SSO integration in LinearB

Prerequisites

  • Azure AD Admin privileges
  • LinearB Admin privileges

We recommend having both applications open in your browser tabs.

Create New Enterprise Application in Azure AD

Go to your Azure portal and sign in using your admin credentials. Browse to Azure Active Directory > Enterprise applications.

Creating the Enterprise Application:

  1. Click on "Create your own Application"
  2. Name the application (we recommend "LinearB") and make sure to select the option to "Integrate any other application you don't find in the gallery (Non-gallery)". Then, select "create".

Configure The Enterprise Application

Complete the following steps to configure your application:

Assign Users To The Enterprise Application

Click on " assign users and groups" to add your relevant users and groups who will have access to LinearB.

The email address for the LinearB user account that will set up the SSO connection in LinearB must be included as a user in your SSO application.
Configure Owner for the Enterprise Application

Make sure that the LinearB user that will be logging into LinearB to set up the SSO connection in LinearB is included.

The email address for the LinearB user account that will set up the SSO connection in LinearB must be an owner of your SSO application.
Configure Single Sign-on Settings

Click on the "Single Sign-On" link, and select SAML

Click on edit:

  1. Paste the Azure AD identifier in the Azure Identifier (Entity ID) input
  2. Go to the LinearB application -> Settings -> Single Sign On, switch on “SAML Authentication” and copy the Callback URL value
  3. Paste the callback URL from the LinearB SSO configuration into the Azure Reply URL input
  4. Click Save in Azure

Setup SSO Integration in LinearB

Go to LinearB application -> Settings -> Single Sign On. You'll complete the Provider Single Sign-on URL, Provider Issuer, and Certificate fields by following the instructions below.

Provider single sign-on URL

To build this URL, you'll need the following information from Azure:

  1. Azure Tenant ID (follow these instructions to access your Tenant ID)
  2. Application ID for the LinearB application you configured previously

In order to get the Application ID, open the LinearB SSO application in Azure and go to the application Properties. You should see an Application ID:

Generate the Provider SSO URL by adding those two values to this URL: https://login.microsoftonline.com/<AZURE_TENANT_ID>/saml2/<APPLICATION_ID>

Paste that completed URL into the LinearB Provider single sign-on URL field.

Provider issuer

In Azure, copy your Azure AD Identifier from your SSO application and paste it into the LinearB Provider issuer field. The URL must be a fully qualified URL ( https://sts.windows.net[....]/), like so:

Certificate

Download the certificate from your Azure SSO application in Base64 format. Paste the certificate content into the Certificate input. Make sure to include the BEGIN and END delimiters.

  -----BEGIN CERTIFICATE-----
XXX certificate goes here XXX
XXXXX and here too XXXXXXXXXX
-----END CERTIFICATE-----

Once these three fields have been filled, CLICK SAVE. LinearB will run a test connection and if it successfully connects, you should see the below screen.

How did we do?

Powered by HelpDocs (opens in a new tab)