Closed Early Access just started: Discover what's coming in v4.0.
Learn more
All categories
System
Access management
AI
Appflows - Technical
Billing
Billing and policy
Built-in apps
Business cases addon
Business Intelligence
Business Operations and ERPs
Calendar addon
Commerce
Communication
Community apps
Contacts module
Contracts addon
CRM and Sales tools
Customer Support
Database
Education
Features
File and Document Management
Forms Addon (Legacy)
Getting started with Boost.space
HR management
Internet of Things
Invoices module
IT and Development
Lifestyle
Marketing
Marketplace - Overview
Marketplaces
Modules and Addons
News monitor addon (legacy)
Notes addon
Offers addon
Orders module
Other
Pages addon
Policy
Process Management
Productivity
Products module
Records
Spaces
Surveys and Forms
System Settings (for Admins)
Tasks module
Travel
Users and teams
Wall addon
Warehouses addon
Website Building
Work hours addon
Integrations
Apps
Connections
Errors
Functions
Getting started with Boost.space Integrator
Integrator Modules
Mapping
Scenarios
Tools
Tutorials
List of applications
Table of Contents

MS Azure AD SAML

The following manual configuration creates a SAML SSO configuration for your Enterprise organization.

Prerequisites

  • Owner role in an Enterprise organization

  • Administrative access to your organization’s Microsoft Azure AD portal

Supported features

This configuration supports the following:

  • Service provider initiated SSO

  • Single Log Out [optional]

Configuration steps

Before configuring SSO, you need to assign a namespace and download your service provider certificate in Boost.space Integrator. These steps provide information you need to enter later.

Create your namespace in Boost.space Integrator:

  1. Go to Organization > SSO.

  2. Under Namespace, enter the namespace you want for your organization, for example, acme_corp. Your organization members enter this namespace when they log in via SSO.

  3. Under SSO type, select SAML 2.0.

Steps on Microsoft

Create a SAML application on Microsoft Entra ID

  1. Log in to Microsoft Azure and go to Manage Microsoft Entra ID.

  2. Click Enterprise applications.

  3. Click + New Application.

  4. Click + Create your own application.

  5. Enter a name for your app and select Integrate any other application you don’t find in the gallery.

  6. Click Create.

  7. Find 2. Set up single sign on and click Get started.

  8. Click SAML.

Configure Basic SAML settings

  • For Basic SAML settings. click Edit and enter the following values:

    Identifier (Entity ID)

    Add /metadata.xml to the URL in the Redirect URL field of the SSO configuration in your Make organization.

    Example: https://www.make.com/sso/saml/examplenamespace/metadata.mxl

    Reply URL

    You can find this URL in the Redirect URL field of the SSO configuration in your Make organization.

    [Note] Note

    Replace {namespace} with your actual namespace.

    Example:

    Your namespace is acmecorp

    https://www.make.com/sso/saml/acmecorp

    Sign on URL

    Leave this field blank.

    Relay State (Optional)

    Leave this field blank.

    Logout Url (Optional)

    Leave this field blank.

Rename attributes

You need to rename items in the Attributes & Claims section for your Login IML resolve.

  1. In the Attributes & Claims sections, click Edit.

  2. Under Additional claims, find the value you want to edit and click that row.

  3. Enter the new name in the Name field. Use the following chart to find the names required for your IML resolve.

    email

    user.mail

    name

    user.displayname

    id

    user.userprincipalname

    Unique User Identifier

    user.userprincipalname

  4. Repeat steps 2 and 3 for each attribute you need to change.

  5. Click Save.

Download the certificate

You need to download the base 64 SAML certificate from Microsoft Azure and upload it to the Identity Provider Certificate field of the SSO tab in your Make organization.

  1. Find the SAML Certificates section of your single sign-on settings in the Microsoft Azure portal.

  2. Next to Certificate (Base64), click Download.

Your browser automatically downloads the .cer file. Find this file and have it ready to upload later.

Steps on Make

  1. Go to Organization > SSO.

  2. Under Identity Provider Certificate, click Extract. A pop-up appears.

  3. Under P12, PFX or PEM file, click Choose file and select the .cer file you downloaded.

  4. Enter the following information from Okta into the IdP login URL and Identity provider certificate fields.

    Field on MS Azure AD

    Field on Admin > System settings

    Under 4 Set up:

    Login URL

    IdP login URL

    Under 3 SAML certificates

    Certificate (Base64)

    Identity provider certificate

  5. Enter the following in the Login IML resolve field:

    {"email":"{{user.name_id}}","id":"{{get(user.attributes.id,1)}}","name":"{{get(user.attributes.firstName,1)}}"}

  6. Select the following settings:

    Allow unencrypted assertions

    Yes

    Allow unsigned responses

    No

    Sign requests

    Yes

  7. Click Save.

Service Provider initiated SSO

  1. Go to Boost.space Integrator‘s login page.

  2. Click Sign in with SSO.

  3. Enter the namespace you chose for your organization.

  4. Log in using your Okta credentials and consent to Boost.space Integrator‘s access to your user data.

Troubleshooting

When you save the SSO configuration, you automatically receive an email with a link to bypass SSO login. Use this link to log in and adjust your configuration as needed.