Configuring Azure SSO for Tiled is split into two parts. The first part details how to configure the settings in Azure Account and the second part covers how to configure the settings in Tiled.
First, decide which domain users will enter to authenticate to your Tiled account. In this document, we will use tiled-example.co. This domain must be unique to your Tiled account.
Part 1: Azure Settings
This setup might fail without claims values that are customized for your organization.
- Navigate to Microsoft Entra ID
- Select Enterprise Applications
- Create a New Application
- Select Create Your Own Application
- Name your application and select Integrate any other application you don't find in the gallery (Non-gallery)
- Click Create at the bottom of the form
- Assign Users/Groups to the application
- Navigate to the Single Sign-On section
- Select SAML
- Edit Basic SAML Configuration with the following values matching your domain:
Identifier: https://api-pp.tiled.co/v2/auth/device/saml2/tiled-example.co/metadata.xml
Reply URL (ACS URL): https://api-pp.tiled.co/v2/auth/device/saml2/tiled-example.co/assert - Add the following two claims (source attribute value depends on your Azure configuration):
NAME
EMAIL - Download XML Federation Metadata
Part 2: Tiled Settings
- In Tiled navigate to Account Settings.
- Select Enable SSO
- Navigate to the SAML Tab
- Paste your domain (ie: tiled-example.co)
- Paste the XML contents
- Click Update SSO Settings
- Optionally enable Auto Provisioning
The Azure/Tiled SAML integration currently supports the following features:
- SP-initiated SSO
- IdP-initiated SSO
- JIT (Just In Time) Provisioning.
If you are not using Azure and need help setting up your specific authentication provider, submit a ticket to support.tiled.co.