Set up Krisp SSO with Azure

Who can use this?

Plan: Enterprise (only admins)
Platform: Web
Managed from: Admin Dashboard
Other: IdP account admin privileges 

This article describes how to set up Krisp SSO login with your Identity Provider (IdP). Single sign-on allows you to log in using your company credentials. Krisp's single sign-on (SSO) is based on SAML 2.0.

Check this article to learn more about how you can get started with Krisp SSO.

 

Krisp SSO Settings

First, go to your Admin Dashboard >>> Settings >>> Security >>> Authentication. Check the Enable SSO box and click on SAML to open Configure SAML panel. You'll need this info for further steps. Let's call this Krisp Settings.

new

 

Configuring Azure with a custom app

To configure the integration of Krisp into Azure Active Directory, you need to add Krisp to your list of managed SaaS apps. For that, follow these steps:

Creating the custom app

  1. Log in to Azure dashboard Portal with your admin account at https://portal.azure.com/#home
  2. Go to Azure services >>> Azure Active Directory.

    azure.png
  3. Click + Add >>> Enterprise application.

    azure_2.png
  4. To add Krisp as an application, click Create your own application.

    azure_3.png
  5. Give it a name (ex: Krisp_app) and click Create.

    azure_4.png

Assigning users

  1. Go to Getting Started >>> Assign users and groups

    azure_5.png
  2. Click None Selected.

    azure_6.png
  3. Choose the existing users you’d like to assign to the application and click Select.

    azure_7.png
  4. Click Assign to assign the selected users to the application.

    azure_8.png

Setting up SSO

  1. Go to Set up single sign on.

    azure_9.png
  2. Select SAML as the Single sign-on method.

    azure_10.png
  3. Edit the Basic SAML Configuration box.

    azure_11.png
  4. Start filling in the information:
    - Identifier (Entity ID): Click Add identifier and copy the "Your team slug" value from Krisp settings to the field.
    - Reply URL (Assertion Consumer Service URL): Click Add reply URL and copy the "Reply URL (Assertion Consumer Service URL)" value from Krisp settings to the field.
    - Sign on URL (Optional): Copy the "Single Sign On URL" value from Krisp settings to this field.

    azure_12.png

    Save
    these settings.

  5. Edit the User Attributes & Claims box. Do not modify the already existing attributes and claims.

    azure_13.png
  6. Click + Add new claim.

    azure_14.png
  7. Set the following values for the fields:
    - Name: Email
    - Source: attribute
    - Source attribute: user.mail

    azure_15.png
    Save
    the changes.
  8. Download the Certificate (Base64) from the SAML Signing Certificate box.

    azure_16.png
  9. Open the Krisp Settings
    - Copy Your team slug value from Krisp Settings to the Audience URI and Identity Provider Issuer fields of Krisp Settings.
    - Open the downloaded certificate with the text editor and copy it to the X-509 certificate of your Krisp Settings.
    - Copy the Login URL value from the Set up Krisp_app box of your Azure AD settings to the Identity Provider Single Sign On URL field of Krisp Settings.

    azure_17.png
  10. Click Configure in the Krisp settings.

    azure.png

Now the assigned users will be able to log into the Krisp team account through SSO.

Have more questions? Submit a request

Was this article helpful?
1 out of 1 found this helpful