# Single Sign-On with Azure AD

Follow this guide to set up Single Sign-On (SSO) in Dataimporter with Azure Active Directory. This will let you control which users have access to Dataimporter, restrict access to SSO, provision new users via Just-in-Time (JIT) provisioning.

## 1. Enable SSO in Dataimporter

1. In Dataimporter, head to the Account Settings page and toggle SSO on.

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FGwaco8d481FkFrx4KZD8%2Fimage.png?alt=media&#x26;token=3beda87d-e525-405c-96a7-e6b18796fd4d" alt=""><figcaption></figcaption></figure>

2. In the SAML Name field enter the name as you would like it to appear e.g. <mark style="color:blue;">`Acme`</mark>
3. In the Domain field enter your corporate company name e.g. <mark style="color:blue;">`acme.com`</mark>.
4. Keep this tab open and open another tab to perform the next steps.

## 2. Add Dataimporter to Azure AD

1. Log in to the Azure Portal and click on Enterprise Applications

![](https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FUfM1qhEZ1xaWKJGrahLh%2Fimage.png?alt=media\&token=e689f089-61bd-480f-a437-e99bfd753715)

2. Click on New Application.

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FourmjaY7w8iP0HKjvVGN%2Fimage.png?alt=media&#x26;token=952c658d-7c54-437f-ad54-3fdb3b8cab6b" alt=""><figcaption></figcaption></figure>

3. Click on Create your own Application.

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FN3z02Do73zL3e6QScXUA%2Fimage.png?alt=media&#x26;token=fe8b2ac7-e728-4a50-9482-171fd7606bb3" alt=""><figcaption></figcaption></figure>

4. Give the app the name <mark style="color:blue;">`DATAIMPORTER`</mark>, select the option Integrate any other application you don't find in the gallery (Non-gallery), and click Create.

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FKd9HpTHvaxhfDBwQtGCg%2Fimage.png?alt=media&#x26;token=17edf8fc-749f-41e1-a623-9c50f167c3b5" alt=""><figcaption></figcaption></figure>

5. Once the app is created, select the Single sign-on and choose SAML

![](https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FezeksDy9HSLLbCHJFQk6%2Fimage.png?alt=media\&token=d9b1749d-be87-4b4a-af89-cb40f028425c)

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FQ9o9yWCZE9r18iexjR5v%2Fimage.png?alt=media&#x26;token=5fa06ff9-ae88-430d-96ba-eef01a71652f" alt=""><figcaption></figcaption></figure>

6. Click Edit next to Basic Configuration

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FVtBXMtERGij1TANPLDan%2Fimage.png?alt=media&#x26;token=a5ec5515-2bd2-4367-aa07-4164d12426fa" alt=""><figcaption></figcaption></figure>

7. In the Identifier (Entity ID) field, add the value that you added in Step 2 of the Dataimporter configuration e.g. <mark style="color:blue;">`Acme`</mark>
8. In the Reply URL section enter the URL in the following format https\://{instance}.dataimporter.io/saml/login/{identifier} e.g. <mark style="color:blue;">`https://app.dataimporter.io/saml/login/Acme`</mark>

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FfQXREzbEz7SXEQYwDkph%2Fimage.png?alt=media&#x26;token=aeb87ce9-550d-4524-8b9f-acf238dc6c7f" alt=""><figcaption></figcaption></figure>

9. Click Save and close the box.
10. Click Edit next to Attributes & Claims.

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FI8QOd6IfEvKtLGVZgDIu%2Fimage.png?alt=media&#x26;token=a0d73321-ea30-44da-bda0-2c4935b4f3e8" alt=""><figcaption></figcaption></figure>

11. Delete all of the existing claims under Additional Claims.
12. Add the following claims:

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FYR5xPhJ72VAsIg95YQrO%2Fimage.png?alt=media&#x26;token=1793a0fd-f4c0-439c-b10c-f2035cbd6a0b" alt=""><figcaption></figcaption></figure>

13. Close the box and click on Users and groups.

![](https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2Fi5CHME1USOb2caB2Hkge%2Fimage.png?alt=media\&token=a6813c66-b57c-441e-a73d-e79aa335d35e)

14. Add any users or groups who need access to Dataimporter.

![](https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FU7RPsQc4HQHdTCNYhK8Q%2Fimage.png?alt=media\&token=b8059d0a-ffd8-4538-8280-2dbaf2241900)

## 3. Configuring SSO in Dataimporter

1. In Azure AD, click back on Single sign-on, and scroll down to the SAML Certificates section.
2. Click on Download next to the <mark style="color:blue;">`Certificate (Base64)`</mark>
3. Scroll down to the Section 4 and copy the <mark style="color:blue;">`Login URL`</mark> value.

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2F0FoBRegw1skJXizvMnKD%2Fimage.png?alt=media&#x26;token=a61bad1c-510b-46a2-8543-81b7e83fe022" alt=""><figcaption></figcaption></figure>

4. Open the tab in Dataimporter and paste the value into the Log In URL field.

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FslNWaGTztwueweYkZX8t%2Fimage.png?alt=media&#x26;token=698692a8-75a6-439a-bd11-53d9fb710aff" alt=""><figcaption></figcaption></figure>

5. Open Azure AD and copy the Azure AD Identifier value.

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FSoU9FHGkQbi5KbMj7r3v%2Fimage.png?alt=media&#x26;token=cb78a279-4661-40f5-865f-1424a5e81a70" alt=""><figcaption></figcaption></figure>

6. Open the tab in Dataimporter and paste the value into the Provider Entity Id field.

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2FDy9WnErDan3oL7A1Zp8Y%2Fimage.png?alt=media&#x26;token=8e243a6c-1dd6-4058-b60e-b39f263c2902" alt=""><figcaption></figcaption></figure>

7. Open the Certificate (Base64) in a text editor and copy the entire value.
8. Open the tab in Dataimporter and paste the value into the X509 Certificate field.

<figure><img src="https://2845823711-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtvRVifvxmkDBmPKpGlr2%2Fuploads%2Fve0RigYTUKJjqhcA33lt%2Fimage.png?alt=media&#x26;token=506f23fd-f5b3-4a9d-8e66-8cc8606f5e00" alt=""><figcaption></figcaption></figure>

9. Click on Save.
10. Contact Dataimporter Support to validate and enable SSO for your Organization.&#x20;