The following manual configuration creates a SAML SSO configuration for your Enterprise organization.
-
Ownerrole in an Enterprise organization -
Administrative access to your organization’s Microsoft Azure AD portal
This configuration supports the following:
-
Service provider initiated SSO
-
Single Log Out [optional]
Before configuring SSO, you need to assign a namespace and download your service provider certificate in Boost.spaceA platform that centralizes and synchronizes company data from internal and external sources, offering a suite of modules and addons for project management, CRM, data visualization, and more. Has many features to optimize your workflow! IntegratorPart of the Boost.space system, where you can create your connections and automate your processes.. These steps provide information you need to enter later.
Create your namespace in Boost.space Integrator:
-
Go to Organization > SSO.
-
Under Namespace, enter the namespace you want for your organization, for example,
acme_corp. Your organization membersIn Boost.space, a Member is a role within a space that permits an individual to view and manage records using existing statuses and labels. Members cannot manage other members or modify space settings. enter this namespace when they log in via SSO. -
Under SSO type, select SAML 2.0.
-
Log in to Microsoft Azure and go to Manage Microsoft Entra ID.
-
Click Enterprise applications.
-
Click + New Application.
-
Click + Create your own application.
-
Enter a name for your app and select Integrate any other application you don’t find in the gallery.
-
Click Create.
-
Find 2. Set up single sign on and click Get started.
-
Click SAML.
-
For Basic SAML settings. click Edit and enter the following values:
![[Note]](https://docs.boost.space/wp-content/themes/bsdocs/docs-parser/HTML/css/image/note.png)
You need to rename itemsItems are rows in records (order/request/invoice/purchase...) in the Attributes & Claims section for your Login IML resolve.
-
In the Attributes & Claims sections, click Edit.
-
Under Additional claims, find the value you want to edit and click that row.
-
Enter the new name in the Name field. Use the following chart to find the names required for your IML resolve.
email
userCan use the system on a limited basis based on the rights assigned by the admin..mail
name
user.displayname
id
user.userprincipalname
Unique User Identifier
user.userprincipalname
-
Repeat steps 2 and 3 for each attribute you need to change.
-
Click Save.
You need to download the base 64 SAML certificate from Microsoft Azure and upload it to the Identity Provider Certificate field of the SSO tab in your Make organization.
-
Go to Organization > SSO.
-
Under Identity Provider Certificate, click Extract. A pop-up appears.
-
Under P12, PFX or PEM file, click Choose file and select the
.cerfile you downloaded. -
Enter the following information from Okta into the IdP login URL and Identity provider certificate fields.
Field on MS Azure AD
Field on AdminA user role in Boost.space with comprehensive system access, including the ability to add, remove, and manage all system levels. Admins can oversee all users, configure system settings, create custom fields, and manage modules and addons. Admin can also access Integrator and manage automations. > System settingsMain settings of the Boost.space system that is accessible only by admins. You can change a variety of things here (custom fields, actions and triggers, design, etc.)
Under 4 Set up:
Login URL
IdP login URL
Under 3 SAML certificates
Certificate (Base64)
Identity provider certificate
-
Enter the following in the Login IML resolve field:
{"email":"{{user.name_id}}","id":"{{get(user.attributes.id,1)}}","name":"{{get(user.attributes.firstName,1)}}"} -
Select the following settings:
Allow unencrypted assertions
Yes
Allow unsigned responses
No
Sign requests
Yes
-
Click Save.