Integrating Azure SAML with Dialpad

Azure's single sign-on (SSO) lets you easily log in to Dialpad with your Azure (Microsoft) login. 

Let's dive into the details.

Enable SAML In Dialpad

Before enabling this integration, make sure you have SAML permissions.

If you don't see the SAML section in the Authentication section of your Company Settings, please contact Customer Care.

To enable SAML on your account, head to your Dialpad Admin Settings.

1. Select My Company 
2. Navigate to Authentication 
3. Select SAML 
4. Choose Custom from the 'Choose your provider' menu
   
5. Take note of the listed SP SSO URL (ACS) and SP Entity ID values 

Keep this tab open — we'll revisit this page after configuring SAML on Azure.

Configure SAML in Azure

Next, it's time to configure SAML in Azure.

1. Navigate to the Azure Portal
2. Select Show portal menu
   1. This will open options on the left pane. 
3. Navigate to Azure Active Directory
   1. Ensure that the tenant is correct.
4. Select Enterprise applications
5. Select  New application
6. Search for, and then select Microsoft Entra SAML Toolkit
   
   
7. In the pop-up side widow, Name the application
   
8. Select Create
   1. The page will take a few moments to configure. Once the application is created, you'll be redirected to its main page. 
9. Navigate to the Manage section of the Dialpad SAML application’s main page
10. Select Single sign-on
11. Select SAML 
    
12. In the basic SAML Configuration tile, select Edit
    
13. Here, enter the SP SSO URL (ACS) and SP Entity ID attributes from Dialpad 
14. Next, you'll need to provide values for the three mapped attributes, as detailed below.

    Azure Attribute	Mapped Dialpad Attribute
    Identifier (Entity ID)	SP Entity ID
    Replay URL (Assertion Consumer Service URL)	SP SSO URL (ACS)
    Sign On URL	https://dialpad.com/auth/saml/request?domain=projectgemma.com&source=web *Use your domain in lieu of projectgemma.com

    
    
15. Select Save
    
16. On the resulting page, select Add new claim
    • In the Name field, enter Email 
    • In the Source attribute field, enter user.mail
      
17. Select Save
    1. Under User Attributes & Claims, you'll now see the newly added claim.
18. Back on the Setup Single Sign-On with SAML page, locate the Certificate (Base64) attribute in the SAML Signing Certificate tile
19. Select Download
20. On the Set up Azure AD SAML Toolkit tile, take note of the values against Login URL and Microsoft Entra Identifier 
21. Switch back to the Dialpad SAML Configuration page. Here, populate the remaining attributes with the values obtained from steps 13 and 14 in this section.

    Azure Attribute	Mapped Dialpad Attribute
    Login URL (from step 14)	IdP SSO URL
    Microsoft Entra Identifier	IdP Entity ID (Issuer)
    Certificate(Base64) (Downloaded)	Certificate

22. Select Save

Assign a user in Azure 

To assign a user in Azure:

1. Navigate to the configured enterprise application (it's called Dialpad SAML in the screenshot below)
2. Select Users and Groups 
3. Select Add user/group
4. Choose a user to test out the SAML-based login, then select Assign
5.   The user should now be listed in the main page, as shown below

Test user login

Now that Azure SAML has been configured, it's time to test it. 

1. Head to https://www.dialpad.com/login 
2. Select  Log in with another provider
3. Enter the domain of your company
4. Select Next
   
   That's it! You'll be redirected to Microsoft Login for authentication. After entering your credentials, you should be logged into Dialpad via SAML.

Enforcing SAML-based SSO 

Add an extra level of security by blocking your users from using other SSO providers when logging into Dialpad. 

To restrict the use of other authentication providers, navigate to your Admin Settings at Dialpad.com

1. Select My Company
   
2. Navigate to Authentication
3. Select SAML
4. Select Prevent users from logging in with other SSO providers
   
5. Select Save 

Once saved, your users won't be able to use Microsoft and Google SSO (or even their username and password) to log in to Dialpad.