If you enable SSO but then can't log in using SSO, you can use the local login to regain access. This is only available to users with the Tenant admin user role. See our knowledge base article, Rescue URL for tenant administrators.
Prerequisite
- In your Applaud platform, from the settigns page, under the Sign in section, select the "SAML" option and under the Entity ID copy the link.
- In your Azure Active Directory, create a new Enterprise application for your Applaud platform.
- Set up Single Sign-On with SAML using these settings. See the Microsoft help article, Configure Azure AD SSO.
- Identifier (Entity ID): "https://examplecompany-com.applaud.com/"
- Reply URL (Assertion Consumer Service URL): "https://examplecompany-com.applaud.com/sso/saml/callback"
- Sign on URL (Optional): "https://examplecompany-com.applaud.com/dashboard"
- Relay State (Optional): can be left blank
- Logout Url (Optional): "https://examplecompany-com.applaud.com/local-login"
- Once done, under the section that states: "You'll need to configuer the application to link with Azure AD." copy the Login URL. For example, "https://login.microsoftonline.com/4789c4783-43890..."
Procedure
- Back in your Applaud platform on the Settings page under the Sign in section with the "SAML" option selected, in the SAML SSO URL box, paste the Azure Login URL that you copied.
- In the Remote logout URL box, paste the Logout URL from Azure.
- If you've configured Azure AD SSO and users are seeing Azure Error - AADSTS75011 message, you need to remove the optional value, RequestedAuthnContext. You can do this by selecting the Remove the optional RequestedAuthnContext value from the SAML request option. Read more about this error in Microsofts help article, Authentication method mismatch.
- Select UPDATE.