Azure Active Directory is a Microsoft Azure service which provides identity and access management. Opsgenie supports single sign on with Azure AD, which means your organization can easily incorporate Opsgenie into your application base in Azure AD and let your users securely access Opsgenie.
For general information about Opsgenie's Single Sign-On feature, refer to the Single Sign-On with Opsgenie document. This document describes the specific instructions you can use to integrate Azure Active Directory with Opsgenie SSO.
To configure Single Sign-On integration between your Azure Active Directory and Opsgenie accounts, go to Opsgenie SSO page, select "Azure AD" as provider and follow the instructions below:
- On another tab or page, open your Azure Portal and navigate to Azure Active Directory
- Select Enterprise applications. This is the directory where you will add the Opsgenie application.
- Click New application button from the top panel.
- On the next screen, search for Opsgenie on the "Add from gallery" section.
- When your search is matched, click on Opsgenie. You'll see the details of Opsgenie app is displayed on the right panel.
- Click Add.
- After adding Opsgenie as an enterprise application, go to Single sign-on tab to configure it.
- Select SAML.
- Here, the setup settings are listed step by step. You can configure each step with the pencil shaped edit icon on the top right. Click on the Edit button of Step 1.
- You need to enter Identifier (Entity ID) and Reply URL fields on this step.
- Switch back to your Opsgenie to get the links for these fields.
- Go to SSO Setup for Azure Active Directory page.
- Here, you'll see two links that are generated for you. The first link is the App ID URI and the second one is the Reply URL.
- Enter the App ID URI into Identifier (Entity ID) field.
- Then enter the Reply URL into Reply URL field on the Azure portal.
- Leave Sign on URL section empty.
- Click Save on the top panel.
- You'll be redirected to the setup screen. Go to Step 3 of the setup and copy the App Federation Metadata Url link.
- Switch back to Opsgenie and paste the copied link into Metadata URL field.
- Switch back to Azure portal and go to Step 4 section of the setup. Copy the Login URL link.
- Then, one more time, go back to Opsgenie and paste this into SAML 2.0 Endpoint field.
- If you wish to enable auto-provisioning, select the Provision new users on the first login automatically checkbox and select a user role.
- Select Enable Single Sign-On checkbox.
- Then click Apply settings.
** Make sure that email addresses of users are exactly same on both Opsgenie and your Azure Active Directory.
- Now users in your active directory can login with Opsgenie via SSO using their directory credentials.
Updated 2 months ago