Integrating Azure SAML with Dialpad
    • 13 Nov 2024
    • 2 Minutes to read
    • Dark
      Light
    • PDF

    Integrating Azure SAML with Dialpad

    • Dark
      Light
    • PDF

    Article summary

    Azure's single sign-on (SSO) lets you easily log in to Dialpad with your Azure (Microsoft) login. 

    Let's dive into the details.

    Who can use this feature

    The Azure SAML integration is available to all Dialpad users. 

    *If you're on a Standard or Pro level plan, you must contact Customer Care to enable this feature. 

    You must have an Azure Active Directory subscription that allows the addition of SAML Toolkit SSO.  

    Enable SAML In Dialpad

    Before enabling this integration, make sure you have SAML permissions.

    If you don't see the SAML section in the Authentication section of your Company Settings, please contact Customer Care.

    Note
    The steps below use an example domain called projectgemma.com. Wherever applicable, substitute this value with the proper domain identifier for your company.

    To enable SAML on your account, head to your Dialpad Admin Settings.

    1. Select My Company 
    2. Navigate to Authentication 
    3. Select SAML 
    4. Choose Custom from the 'Choose your provider' menu
    5. Take note of the listed SP SSO URL (ACS) and SP Entity ID values 


    Keep this tab open — we'll revisit this page after configuring SAML on Azure.

    Configure SAML in Azure

    Next, it's time to configure SAML in Azure.

    1. Navigate to the Azure Portal
    2. Select Show portal menu
      1. This will open options on the left pane. 
    3. Navigate to Azure Active Directory
      1. Ensure that the tenant is correct.
    4. Select Enterprise applications
    5. Select  New application
    6. Search for, and then select Microsoft Entra SAML Toolkit

    7. In the pop-up side widow, Name the application
    8. Select Create
      1. The page will take a few moments to configure. Once the application is created, you'll be redirected to its main page. 
    9. Navigate to the Manage section of the Dialpad SAML application’s main page
    10. Select Single sign-on
    11. Select SAML 
    12. In the basic SAML Configuration tile, select Edit
    13. Here, enter the SP SSO URL (ACS) and SP Entity ID attributes from Dialpad 
    14. Next, you'll need to provide values for the three mapped attributes, as detailed below.
      Azure AttributeMapped Dialpad Attribute 
      Identifier (Entity ID)SP Entity ID 
      Replay URL (Assertion Consumer Service URL)SP SSO URL (ACS)
      Sign On URL https://dialpad.com/auth/saml/request?domain=projectgemma.com&source=web
      *Use your domain in lieu of projectgemma.com 

    15. Select Save
    16. On the resulting page, select Add new claim
      • In the Name field, enter Email 
      • In the Source attribute field, enter user.mail
    17. Select Save
      1. Under User Attributes & Claims, you'll now see the newly added claim.
    18. Back on the Setup Single Sign-On with SAML page, locate the Certificate (Base64) attribute in the SAML Signing Certificate tile
    19. Select Download
    20. On the Set up Azure AD SAML Toolkit tile, take note of the values against Login URL and Microsoft Entra Identifier 
    21. Switch back to the Dialpad SAML Configuration page. Here, populate the remaining attributes with the values obtained from steps 13 and 14 in this section.
      Azure AttributeMapped Dialpad Attribute 
      Login URL (from step 14)IdP SSO URL 
      Microsoft Entra IdentifierIdP Entity ID (Issuer)
      Certificate(Base64) (Downloaded)Certificate
    22. Select Save

    Assign a user in Azure 

    To assign a user in Azure:

    1. Navigate to the configured enterprise application (it's called Dialpad SAML in the screenshot below)
    2. Select Users and Groups 
    3. Select Add user/group
    4. Choose a user to test out the SAML-based login, then select Assign
    5.  The user should now be listed in the main page, as shown below

    Test user login

    Now that Azure SAML has been configured, it's time to test it. 

    1. Head to https://www.dialpad.com/login 
    2. Select  Log in with another provider
    3. Enter the domain of your company
    4. Select Next

      That's it! You'll be redirected to Microsoft Login for authentication. After entering your credentials, you should be logged into Dialpad via SAML.

    Enforcing SAML-based SSO 

    Add an extra level of security by blocking your users from using other SSO providers when logging into Dialpad. 

    To restrict the use of other authentication providers, navigate to your Admin Settings at Dialpad.com

    1. Select My Company
    2. Navigate to Authentication
    3. Select SAML
    4. Select Prevent users from logging in with other SSO providers
    5. Select Save 

    Once saved, your users won't be able to use Microsoft and Google SSO (or even their username and password) to log in to Dialpad.




    Was this article helpful?