- Microsoft Azure account with Azure AD Premium activated.
- Administrator level access to ITBoost and a Global Admin or Co-admin account in Azure.
- All of your users under your account in ITBoost will need an account in Azure Active Directory, with exactly the same email address. We don’t create user accounts under SSO.
- Before you begin, log into your ITBoost account twice - once in a regular browser window and once in an incognito/private window. This is to ensure that you are still logged into your account just in case you get locked out of your account in the other window.
- In the Azure portal (https://portal.azure.com/), click More services > at the bottom of the main left-hand navigation menu.
2. Use the Filter field to search for and select Azure Active Directory. (Optional: Star Azure Active Directory to add it to the main left-hand navigation menu.)
3. From the Azure Active Directory left-hand navigation menu, click Enterprise applications.
4. With Enterprise applications selected, click + New application at the top of the screen.
5. Next, click Non-gallery application in the Add your own app section.
6. Give the new application a name and then click the Add button at the bottom of the screen. This will add a custom application to your Azure Active Directory.
Note: If you do not have Azure AD Premium activated, you will not be able to enter the name of the application and a corresponding error message will appear.
7. Once the application loads, select Users and groups in the sidebar menu. At the top of the screen, click + add user to assign users or user groups to this application.
8. Next, click Single sign-on from the application’s left-hand navigation menu.
9. In the sidebar menu, select SAML-based Sign-on in the Single Sign-on Mode dropdown.
10. Select the Show advanced URL settings checkbox and enter the following URLs in the fields provided (replacing subdomain with your subdomain):
Identifier: Enter your itboost subdomain, e.g. https://subdomain.itboost.com
Reply URL: Enter https://bkeu.itboost.com/login/sso-assert
Sign on URL: Enter https://subdomain.itboost.com
Be sure to fill in your ITBoost subdomain where it says subdomain. Note that there's no trailing slash at the end of the URL.