Azure Active Directory SSO
Squadcast supports SAML 2.0 based Single Sign-On (SSO) login for Azure Active Directory users. You can integrate your Squadcast Organization with your Azure Active Directory SSO by following this integration guide.
Account Owner / Administrator account in Squadcast
A valid Squadcast subscription in either (Pro or Enterprise plans)
1. Only an Administrator / Account owner can enable and configure Azure Active Directory SSO for an Organisation in Squadcast.
2. Once enabled, only the Account Owner can use email-password based login by default although, it can be configured to enable email-password based login for Administrators as well.
(1) Navigate to Extensions from the sidebar and click on Integrate in the SSO card
(2) In the opened modal, select the Custom SAML 2.0 tab and click Show configuration guide for Custom SAML 2.0
As given in the displayed guide, copy the ACS URL being shown in point 1
(3) Then, go to your Azure Active Directory dashboard and click on Enterprise applications from the left navigation
(4) Click on New Application to create an application for Squadcast
(5) Select Non-gallery Application, give a name for the application (such as, Squadcast) and click on Add
(6) For the newly created app, in the left pane under Manage, select Users and groups
Now, click on Add User
(7) Find and add the users you want to, along with the appropriate Role
(8) In the left pane under Manage, click Single sign-on and select SAML
(9) Edit the Basic SAML Configuration section
In both, the Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL) placeholders, paste the ACS URL you copied previously from Squadcast in here
(10) Next, edit the User and Attributes Claims section
Remove the namespace and use:
first_namefor source attribute
(11) Click on the Edit icon in the SAML Signing Certificate section
Here, download the PEM certificate
(12) From under the Set up Squadcast section, copy the Login URL
(13) Paste the copied Login URL in the placeholder for SAML 2.0 Endpoint and the contents of the PEM Certificate in the placeholder for X.509 Certificate
- Provisioning new users can be defaulted to a particular
User Rolefrom the drop-down
- You can allow
Adminsto also login using their email credentials in addition to SSO. This can be done by checking the boxes for those options
- You can simply provision new users on their first login by enabling the checkbox for the same
Once all of this have been configured based on your requirements, click on Save
(14) That’s it, your configuration is now complete!
For testing this SSO integration and if its working as expected, go back to the Azure Active Directory SSO portal, and click on Test
Then, click Sign in as current user to verify your login to Squadcast!
(15) Activate this SSO integration by enabling the toggle
(16) To login to Squadcast via Azure Active Directory SSO from here on, within your Office 365 account, click on App Launcher, click on All Apps and you will be able to see Squadcast there. Unless you have enabled email-password based login for your User Role, you will not be able to login to Squadcast using email-password from our webapp login page.
Important: We do not support provisioning and syncing of Groups from Azure Active Directory SSO into Squadcast. We support this only for Users.