Using Colloquial single sign-on with Azure AD/Entra ID
Note: This can only be set up by the admin user in both Azure AD and your Colloquial account.
Colloquial's Single Sign-On (SSO) feature integrates with Azure AD to ensure that your team can access Colloquial easily using your identity provider.
Install an Enterprise App and assign a user
The first step for you to set up Colloquial single sign-on with Azure AD/Entra ID is to install an app. Go to your Azure Portal and, in Azure AD/Entra ID, add a new application.
To do this, go to the sidebar on the left-hand side of the page, and select "Enterprise applications - Create your own application".
You can name the app as you wish, Colloquial SAML in the example below. Next, click "Create".
Click into your new app in Azure AD/Entra ID, and add yourself to the app by clicking on the "Assign users and groups" option. To start, add yourself to the account.
Note: The first user added to Azure AD/Entra ID should be an admin user in Colloquial and Azure AD/Entra ID
Configuring SSO
Once you have added yourself to the application, click on the Single-sign-on-option > SAML.
In your Colloquial account, go to Settings > Security and SSO.
In Colloquial, choose an Organisational Slug and save..
In Azure AD/Entra ID, go to the Single-Sign-On > SAML section of your Colloquial Enterprise App settings and copy and paste the values from your Colloquial web app settings page.
You should first match the values from the Entity ID in Colloquial to the Azure AD/Entra ID Identifier (Entity ID), as well as Colloquial's Reply URL to Azure AD/Entra ID's Reply URL.
Validate Colloquial's SAML Attributes Mapping matches Attributes & Claims.
Next, you will need to download the Certificate (Base64) from Azure AD. Once downloaded, open the certificate in any text editor and copy and paste the text to the X.509 certificate field in your Colloquial SSO settings page.
You will then need to copy your Login Url from Azure to the Your Identity Provider (IdP) URL in Colloquial. Download the certificate as Base64 and copy this into the X.509 Certificate field.
Test your Single Sign-On by browsing to the Organisation Single Sign-On (SSO) URL (see top of page) and testing logon for the user specified in step one.
https://app.colloquial.io/login/‹organisation-slug›/saml
If the test completed successfully, add all users which are authorised to use Colloquial to User and Groups.