Azure is a SAML identity provider that authenticates your Lattice users when they sign in. By setting up Lattice for SSO within your Azure Active Directory, your users will no longer need to remember an extra password to sign into Lattice, and you can quickly remove their access to Lattice from a centralized control panel. For a list of other SAML providers Lattice integrates with, see "Adding SSO to Lattice".
For Microsoft's detailed tutorial on setting up Azure AD SSO integration with Lattice, read Lattice Tutorial.
Note: User emails in Azure and Lattice should match to ensure users can sign in via SSO.
Add Lattice from the Azure gallery
Step 1: Sign in to your Azure portal as an Admin
Step 2: On the left navigation pane, select the Azure Active Directory service > Enterprise Applications > All applications > Select New application
Step 3: In the Browse Azure AD Gallery section, type Lattice in the search box.
Step 4: Select Lattice from the results panel and then add the app. Wait a few seconds while the app is added to your tenant.
Configure SSO for the Lattice app
Step 1: Within the Manage section of the Lattice app, open the Single sign-on pane.
Step 2: Select SAML as the single sign-on method.
Step 3: Under Basic SAML Configuration, select Edit.
Step 4: Set the Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL) to the following:
ACS URL: https://router.latticehq.com/sso/[subdomain]/acs
Entity ID: https://router.latticehq.com/sso/[subdomain]/metadata
Where "[subdomain]" is your Lattice subdomain. For example, if your organization's Lattice URL is "https://bigco.latticehq.com", "bigco" would be your subdomain and your ACS URL would be: https://router.latticehq.com/sso/bigco/acs
Note: Sign on URL can be left blank.
Add SSO XML metadata to Lattice
Step 1: In Azure, navigate to Home > Enterprise Applications > Lattice > SAML Signing Certificate > Download Federation Metadata XML.
Step 2: Open the Federation Metadata XML file and copy its contents.
Step 3: In Lattice, navigate to Admin > Platform > Settings > Single sign-on settings.
Step 4: Under XML metadata, paste the Federation Metadata XML.
Step 5: Select Save.
Assign users to the Lattice App
Step 1: Enter the Azure AD portal and select "Enterprise applications." Find the Lattice app previously created.
Step 2: Within the left navigation menu, select "User and Groups" and click "Add user."
Step 3: Select the "Assign" button at the bottom of the pane.