Setting up SSO in Supplios using Microsoft Entra

Supplios supports Single Sign-On (SSO) with a variety of Identity Providers. This allows your users to authenticate with a SSO / Identity Provider that your company already uses for user access control.


SSO sign-in options can be configured independently for your internal and/or your supplier users. The most common use-case is to setup SSO for your internal users (integrating with the Identity Provider you already use for your employees) then having your supplier users use the standard Supplios authentication system (email/password) together with optional "public" SSO options such as Google or other other Microsoft login options.


Microsoft Entra (formerly known as Azure Active Directory) is a common SSO / Identity Provider used in enterprise IT environments, and Supplios supports using Entra as a SSO provider. (Depending on your company's specific plan or other commercial arrangements)


Scope of this article

Integrations with Identity Providers such as Microsoft Entra can involve two separate, but related functions:

  1. Single Sign-On (SSO) — the actual user sign-in process via the Identity Provider (such as Entra)
  2. User Sync / Directory Sync — the automatic syncing of users from one system (such as Entra or Active Directory) to Supplios, including automatic provisioning/de-provisioning of user accounts. This is usually done using a standard such as SCIM.

Supplios can support both such integrations, but this article is targeted at SSO specifically. For User Sync functionality (SCIM), please discuss in more detail with your Supplios account manager.


Overview of setting up Microsoft Entra SSO integration:

Setting up SSO with Microsoft Entra involves some one-time tasks on your side (in your Microsoft admin area), and some one-time tasks done on the Supplios side, performed by the Supplios support team.

The steps on your side (outlined below) are typically done by someone in your IT department.

For any questions on the Supplios side, contact support@supplios.com or contact your account manager.


Step 1: Create new application registration in Microsoft Entra


  1. Enter a name for your application that identifies it for users. We suggest using something like "Supplios".
  2. Select the account types that can log in to Supplios. We recommend choosing Accounts in this organization directory only to enhance security.
  3. Set the Redirect URI:
    • Platform: Select Web .
    • Redirect URI: Enter the unique URI provided by Supplios for your application.
Microsoft Entra screen for creating a new Application Registration for Supplios

Step 2: Provide Necessary Information to Supplios

After completing the application registration, send the following details to Supplios:

  1. Endpoints: Provide the endpoints for your application integration.
Endpoints in Microsoft Entra to provide to Supplios

  1. Credentials: Share the credentials for your application registration.
Credentials for SSO integration to share with Supplios

Step 3: Configure User Attributes

To ensure proper SSO setup, we need specific user attribute information to be set as expected:

  • User Identification Attributes: Ensure that the user profiles assigned to the Supplios app registration are complete. As of 2024, the default configuration in Entra maps the unique identifier to the user principal name , which is also the user's email address. Supplios will use this field by default to determine the email address of your users.
  • Custom Settings: If your configuration uses different settings that those above, send us the names of the email address and unique identifier attributes so we can map them to the correct values in the Supplios app.

Important Notes

  • User Profile Completion: Make sure each account assigned to the Supplios app registration has a complete user profile. This is critical for the correct mapping of user attributes.
  • Attribute Verification: Verify that the user profiles include the correct email address and unique identifier as configured in your Microsoft Entra setup.

Final Steps

Once you have sent all the required information outlined above, Supplios will complete the setup on our side:

  1. Integration Setup: Supplios will set up the SSO integration using the provided details.
  2. Confirmation: We will notify you once the setup is complete.
  3. User Access: Invited users will then be able to log in to Supplios using SSO.


Questions?

Please contact our technical support team at support@supplios.com or use the contact form in these support pages.

Still need help? Contact Us Contact Us

Related Articles