Azure SAML

Use this guide to set up Azure SSO SAML for your organization on Popl Teams

Overview

Azure SAML 2.0 is a widely-used authentication protocol that allows users to log in to multiple applications using a single set of credentials. By using this protocol, companies can centralize their user authentication and authorization, reducing the need for multiple login credentials and streamlining the user experience. Additionally, Azure SAML 2.0 provides a secure way to authenticate users, ensuring that only authorized individuals can access company resources.
Using Popl Teams Azure SAML 2.0 capabilities, companies can save time, improve security, and enhance their team's experience, making this integration a popular choice for many organizations using Popl Teams.

Step by Step Guide

  1. 1.
    Start by going to Enterprise Applications on the Azure Admin Portal. Once there, click on "New Application", which will take you to browse the Azure AD Gallery.
  2. 2.
    Click on "Create your own application", which will open a side menu as shown below. Input "Popl" for the first option titled "What's the name of your app?" and check "Integrate any other application you don't find in the gallery (Non-gallery)". Then click "Create" at the bottom of the screen.
  1. 3.
    Click the option that shows "Set up single sign on", then on the next page click "SAML".
  2. 4.
    On the next page titled Set up Single Sign-On with SAML, click Edit on the "Basic SAML Configuration" pane.
For "Identifier (Entity ID)", click Add identifier and input:
Popl
For "Reply URL (Assertion Consumer Service URL)", click Add reply URL and input:
https://us-central1-poplco.cloudfunctions.net/msAutoSync/saml?isMicrosoft=true
  1. 5.
    Once those two items are added, click Edit on the "Attributes & Claims" pane. Once open, click on "Unique User Identifier (Name ID)" to edit the claim. Change the "Source attribute" to "user.mail". This will allow the SAML integration to associate the user's email with their Popl digital business card. Then click "Save" to save this configuration. See below for how the configuration should look:
  1. 6.
    Once this is saved, you are all set to begin adding Users or groups to the SAML integration to begin testing SAML login. A user must be added to the integration either individually or via a group in order for the SAML login to work successfully. Users or groups can be provisioned to the integration for SAML via the "Users and groups" tab as shown below.

Note: Provisioning users via Azure won't actually create Popl digital business cards for each user. To create digital business cards for each user so they can log in with SAML SSO to an already set up digital card, please follow the steps for setting up our Azure AD integration here

Logging in via Desktop

For enterprise-grade security and streamlined access to the Popl dashboard, SAML protocol must be utilized for user login on desktop. To log in via SAML, users can click on the Popl enterprise tile, which should be visible on their Microsoft dashboard of applications if the user is part of the provisioned groups. Upon clicking the application tile, the user will be redirected to Popl Teams, where they will be logged in instantly, facilitating seamless user experience and ensuring a secure authentication.

Logging in via Mobile App

When users want to log in to their Popl account via the mobile app, the "Login with Microsoft" method should be utilized to ensure secure authentication and 2FA enforcement via Microsoft. The "Login with Microsoft" option is available on the app's login screen.
If any issues or questions, please contact us at [email protected], we are available nearly 24/7 and will get back to you within 6-8 hours or less.
Made with 🤍 Popl