ScreenSteps Help

How to Set up Single Sign-on with Microsoft (Azure/Entra ID) for your Account and Primary Site

Updated on

Workflows are not supported in your browser.
Please use a recent version of Chrome, Edge, Firefox or Safari to display this page.

Prepare for SSO Configuration

  • Ensure you have:
    • Microsoft Entra user account with active subscription
    • Role: Application Administrator, Cloud Application Administrator, or Application Owner
    • ScreenSteps SSO-enabled subscription

Add a Group in ScreenSteps

  1. Sign in to ScreenSteps as an Account Admin

    If you are not an Administrator, reach out to your ScreenSteps contact to create a user account that is an Account Admin.

  2. Go to Account Settings 
  3. Click Groups
  4. Create group
  5. Name the group > Create

    You can call it SSO Authorization or something similar.

Add Group to Site

  1. Navigate to Site's Permissions
  2. Click Add group
  3. Select Group > Assign Permission level to View

Configure Identity Provider in ScreenSteps

  1. Click Site Management
  2. Click Configure in Admin Tab

    You are going to configure the Login method.

  3. Select SAML as the identity provider
  4. Type CHANGE > Click Change

Copy the SAML Consumer URL and Entity ID for later use

  1. Click Configuration Tab
  2. Copy SAML consumer URL

    Scroll down the page and copy the SAML consumer URL > paste it to a text editor (you will use this later).

  3. Copy Entity ID

    Copy the Entity ID > paste it to a text editor (you will use this later).

Add ScreenSteps in Microsoft Entra ID

  1. Sign in to Microsoft Entra admin center.
  2. Go to Entra ID > Enterprise apps > All applications.
  3. Click New application
  4. Search for ScreenSteps 
  1. Add it from the gallery

Configure ScreenSteps Microsoft Entra SSO

  1. Go to Entra ID > Enterprise apps > ScreenSteps > Single sign-on
  2. Select SAML as the sign-on method

     

  3. Edit Basic SAML Configuration
  4. Update Values
    • Identifier (Entity ID): Paste Entity ID from ScreenSteps
    • Reply URL (SAML Consumer URL): Paste SAML Consumer URL from ScreenSteps
    • Sign-on URL: Paste SAML Consumer URL from ScreenSteps

Complete the following

  1. Download the Certificate (Base64) from Entra and save it
  2. Copy the Login URL from Entra

     

Complete the following

  1. Paste in the Login URL to ScreenSteps
  2. Upload Certificate to ScreenSteps

Assign to Group

Assign User (or test user) in Microsoft Entra

  1. Click Users and groups
  2. Add user/group
  3. Select user OR create a test user
    1. Select a user from your organization
    2. If Creating a test user
      1. Create a test user (e.g., B.Simon).
      2. Assign the user to the ScreenSteps app.

Test SSO Configuration

  1. Go to the Testing and Activation tab in ScreenSteps.
  2. Copy the SAML Test URL.
  1. Open an Incognito browser window and paste the URL.
  2. Sign in with the test user credentials.
  3. Verify access and user appearance in ScreenSteps.

Activate Identity Provider

  1. From the Activation tab, check the Active box.
  2. Click Done.
  3. Log in using the Identity Provider.
Congratulations, you are done!
Previous Article How Identity Providers, domains, sites, and your account are associated
Next Article How to update your certificate from Azure/Entra and add it to ScreenSteps

Authentication (SSO, SCIM, SAML, Usernames, Passwords)

Passwords 1
Single Sign-on 6
Single Sign-on FAQs 4
Using ScreenSteps Remote Authentication with Atlassian Crowd 2

Other Resources

Print Article