Microsoft Entra ID SAML setup

Enable your Entra ID users to access 1Password SaaS Manager with Single-Sign-On (SSO).

Note: 1Password SaaS Manager was previously named Trelica. Some commands and integrations still use or refer to Trelica. Follow directions as written to avoid errors.

Add 1Password SaaS Manager to Microsoft Azure

Create an Enterprise Application

1Password SaaS manager, formerly named Trelica, is still listed as Trelica with some integration partners.

  1. Log in to Microsoft Azure and search for the Enterprise Applications service.
  2. Select New application.
  3. 1Password SaaS Manager is part of the Microsoft Entra gallery, which helps to speed up configuration. Search for Trelica, then select the Trelica app.
  4. A panel will open on the right-hand side. At the bottom, select Create to add the app.

Assign a test user

To test the SAML SSO connection, assign an existing test user to SaaS Manager:

  1. Select 1. Assign users and groups, then select Add user/group.
  2. Under Users and groups, select None Selected to display the Users and groups list. Search for your user account and then select Select.
  3. Select Assign. The user is added to the list.

Configure SSO in Microsoft Azure

In the left-hand menu select Single sign-on and then select SAML. In the Basic SAML Configuration box, select Edit.

Get configuration information from SaaS Manager

Azure needs the ACS URL from SaaS Manager. You can see this on the SAML Identity providers page.

  1. Open SaaS Manager in a new browser tab, as you will need to switch back to Microsoft Azure shortly.
  2. Log in to SaaS Manager and go to Settings > Users > SAML providers.
  3. Copy the SAML Assertion Consumer Service (ACS) URL to the clipboard.
  4. Go back to the Microsoft Azure browser tab and paste the ACS URL into the Reply URL field.
  5. Select Save and then close the Basic SAML Configuration pop-up.

Configure SaaS Manager

Scroll down to section 3, SAML Certificates, and copy the App Federation Metadata URL to the clipboard.

The next step involves putting the App Federation Metadata URL you copied from Microsoft Azure into SaaS Manager:

  1. Return to your SaaS Manager browser tab and go to Settings > Users > SAML providers.
  2. Select New. The New SAML Identity Provider dialog is displayed.
  3. In the Name field enter Entra ID and set the Metadata type to Metadata from URL.
  4. Paste the App Federation Metadata URL you copied from Microsoft Azure into the Metadata URL field.
  5. Select Create.

Finalize configuration in Azure

Go back to the Microsoft Azure tab in your browser, select Test this application and then select Test sign in to test the connection with the current user account. SaaS Manager is opened in a new browser tab. 

Test the connection

To test that SAML SSO is working, open the Microsoft My Apps portal and select the Trelica icon.

After a short pause you should be logged in to SaaS Manager.

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.