Microsoft Entra ID SAML setup

Enable your Entra ID users to access 1Password SaaS Manager with Single-Sign-On (SSO).

Add 1Password SaaS Manager to Microsoft Azure

Create an Enterprise Application

  1. Log in to Microsoft Azure and search for the Enterprise Applications service.
  2. Click New application.
  3. 1Password SaaS Manager is part of the Microsoft Entra gallery, which helps to speed up configuration. Search for Trelica (now 1Password SaaS Manager), then select the Trelica app.
  4. A panel will open on the right-hand side. At the bottom, click Create to add the app.

Assign a test user

To test the SAML SSO connection, assign an existing test user to SaaS Manager:

  1. Choose 1. Assign users and groups, then click Add user/group.
  2. Under Users and groups, click None Selected to display the Users and groups list. Search for your user account and then click Select.
  3. Click Assign. The user is added to the list.

Configure SSO in Microsoft Azure

In the left-hand menu select Single sign-on and then select SAML. In the Basic SAML Configuration box, click Edit.

Get configuration information from SaaS Manager

Azure needs the ACS URL from SaaS Manager. You can see this on the SAML Identity providers page.

  1. Open SaaS Manager in a new browser tab, as you will need to switch back to Microsoft Azure shortly.
  2. Log in to SaaS Manager and go to Settings > Users > SAML providers.
  3. Copy the SAML Assertion Consumer Service (ACS) URL to the clipboard.
  4. Go back to the Microsoft Azure browser tab and paste the ACS URL into the Reply URL field.
  5. Click Save and then close the Basic SAML Configuration pop-up.

Configure SaaS Manager

Scroll down to section 3, SAML Certificates, and copy the App Federation Metadata URL to the clipboard.

The next step involves putting the App Federation Metadata URL you copied from Microsoft Azure into SaaS Manager:

  1. Return to your SaaS Manager browser tab and go to Settings > Users > SAML providers.
  2. Click New. The New SAML Identity Provider dialog is displayed.
  3. In the Name field enter Entra ID and set the Metadata type to Metadata from URL.
  4. Click New. The New SAML Identity Provider dialog is displayed.
  5. In the Name field enter Entra ID and set the Metadata type to Metadata from URL.
  6. Paste the App Federation Metadata URL you copied from Microsoft Azure into the Metadata URL field.
  7. Click Create.

Finalize configuration in Azure

Go back to the Microsoft Azure tab in your browser, click Test this application and then click Test sign in to test the connection with the current user account. SaaS Manager is opened in a new browser tab. 

Test the connection

To test that SAML SSO is working, open the Microsoft My Apps portal and click the Trelica icon.

After a short pause you should be logged in to SaaS Manager.

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.