Setup Azure Active Directory SSO

Zuplo uses Auth0 to enable Azure SSO for enterprise accounts who have purchased single-sign-on. Below you will find instructions on how to setup a new Azure AD client to be used with Zuplo.

Register a new Application in Azure Active Directory. For instructions on this process, see Microsoft's quickstart. Record the client ID value to share with Zuplo.
- The application type should be "web".
- The Redirect URI value should be set to https://auth.zuplo.com/login/callback
- No special permissions are needed. Zuplo only requires basic profile information (name and email).
Create a client secret for you application. To create a client secret, see Microsoft's Quickstart: Configure a client application to access web APIs - Add Credentials to your web application. Record this value. You will need to share this securely with Zuplo.

Tip

If you configure an expiring secret, make sure to record the expiration date; you will need to renew the key before that day to avoid a service interruption.

Securely share the following values with Zuplo.

Field	Description
Client ID	Unique identifier for your registered Azure AD application.
Client Secret	String used to gain access to your registered Azure AD application.
Azure AD Domain	Your Azure AD domain name. You can find this on your Azure AD directory's overview page in the Microsoft Azure portal.
Identity Provider Domains	A list of the domains that can be authenticated in the Identify Provider. For most companies this will be a single domain, but some companies may have multiple domains.

A few options for securely sharing secrets with Zuplo:

Note

You can find Zuplo support's PGP public key at: https://keys.openpgp.org/vks/v1/by-fingerprint/53A66C757B3F88908D395F9E0237A8212358D92C

Once you have shared the required information with Zuplo, we will configure your account to use Okta for SSO. We will notify you once the configuration is complete.