Single Sign On with Azure AD

Azure Single Sign-On (SSO) streamlines access to numerous applications and services using a unified set of credentials, eliminating the necessity for users to handle multiple passwords while bolstering security measures. 


Let's see what details will be required from Opkey to add to the Azure platform to generate the required URLs.


Go to Single Sign On, under All Applications. Click on Basic SAML configuration and enter Identifier(Entity ID). Enter Reply URL.


The details to enter in Azure have to be taken from Opkey. 


For this log in to the Opkey portal and click on the Settings tab. Click on the Single Sign On tab on the left pane from the available options and go to the Service Provider Data tab.  



 

 


This data of the Service Provider from the Opkey portal will be entered in the Audience URI (SP Entity ID) and Login Endpoint URLSign-on will be entered under the Single Sign On URL 

 



Now in the Azure platform configure three attributes under the Attribute and Claims. Click on Add New Claim to add a new claim.


1. Add Email 


2. Add FirstName 


3. Add LastName




SSO is managed through groups; create groups to automatically add users to Opkey. During login, the group name is verified for authenticity to enable successful user access. 


To create Groups, go to All Groups  and select New Group.  


On the next window, enter Group Type, Group Name, Assign the members and click on Create.



The assigned members can be seen as below. You can view as well as Add more members by clicking Add members.  Save the data after adding. 



Let’s see how we can begin working with the Azure SSO feature in Opkey. 


Login to the Opkey portal and select the project to work on.  


Go to the Profile Icon and select Settings. 

 

 

 

On the next window, click the Single Sign On tab on the left panel. Select the Add button. 

 

 

 

On the pop-up window enter the details of: 

 

Identity Provider: Custom 

IDP Issuer: Issuer URL generated at Azure platform(Microsoft Entra Identifier URL)

Display Name: Select the name to be displayed 

IDP Single Sign On: URL generated at Azure platform(User Access URL)

Certificate to validate signature: Signature generated on the Azure platform 

 

IDP Single Sign On URL can be found under Properties in Azure.


 
Scroll down and Click the Add button. 

 

 

 

 

The identity Provider (Azure) gets added. 


 

 

After saving, admins can choose from three login options: "Opkey Users Only," "Single Sign-On," or "Both Opkey and SSO Users" to enforce user login preferences. Opting for the third choice is recommended when SSO is configured. 


 

You also get the option of modifying the Identity Provider data through the Modify Single Sign-On button. The data can also be deleted with the button present next to the modify button. 

 
 

 

Click Modify Single Sign On button to enter the modified details and click Modify. The details will be modified. 

 

 



Next, create Groups to add users to avail themselves of the single sign-on feature. 

Follow the steps to see how it can be done. 

 

Navigate to the User Management Tab in the Admin Console of Opkey. 

 
 

 

 
 

Click the Add button to add the created Group(Group Name created on Azure platform). Enter details of SSO provider, Group, and Project and click on Add

 

Note: The group created on the Azure platform will be added here. 


 

 

The group gets added. 


 


 

Members of this group can now access their assigned Opkey project(s) when logging in through Azure SSO. 

 

Visit the Opkey Web login page and click on the "Continue with Azure AD" tab. 

 

 

 

 

Choose your designated Opkey project and begin your work. 

 

Simplify your testing journey with Opkey. 


Read more articles on Single Sign On by clicking Here

 
 

 

 

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article