Skip to content
English
Contact us Sign in
  • There are no suggestions because the search field is empty.

How to set up SAML SSO with Azure Apps

Setting up your Corporategift.com SSO account? You can use Microsoft Azure as the identity provider (IdP) for your enterprise users to sign in to corporategift.com via SSO with their Microsoft account

Setting up your Corporategift.com SSO account?

You can use Microsoft Azure as the identity provider (IdP) for your enterprise users to sign in to corporategift.com via SSO with their Microsoft username and password.

Single Sign-On (SSO) brings the most secure access to Corporategift.com without the need of the corporategift sign in process, and authenticating with your enterprise's Azure account. 

Every time you access Corporategift.com as an SSO user, it automatically reroutes you securely to Azure, and then after authentication, it routes you back to your corporategift.com account as a signed in user.

SSO uses the secure SAML 2.0 protocol to delegate the entire authentication process to Azure.

 

Prerequisites:

To configure SSO, you need:

  • An Azure account with an active subscription.
  • One of the following roles: Global Administrator, Cloud Application Administrator, Application Administrator, or owner of the service principal.
  • Completion of the steps in Quickstart: Create and assign a user account.

Enable single sign-on:

  1. You need to login at: https://portal.azure.com/
  2. Go to Enterprise applications.

    screenbud-35d4fe69-3c71-4630-bc21-040258114bbf
  3. Click New application.
    screenbud-c29d3dcd-a6ab-401b-ac39-781592477cf4
  4. Click Create your own application.
    screenbud-40a6c1b6-0250-4871-8e40-d251ca64d2f2
  5. Enter the SAML application details: 
    1. Application name: "Corporategift".
    2. Choose “Integrate any other application you dont find in the gallery (Non-gallery)".
    3. Click Create

      screenbud-bd42e1ec-9272-49c6-8038-7b1518964a5e
  6. You will be redirected to the Corporategift application main page. You will now need to click Single-sign on.
    screenbud-ffdbc872-4c77-4a28-9811-9e7ed1a1a967
  7. In the next screen choose SAML method
    screenbud-5c95d6a5-e09d-4d59-bff4-ba9562b98d9c
  8. Next we need to go through the setup SAML steps, Click Edit on the "Basic SAML Configuration" step:
    screenbud-bd7b1037-4c82-407c-bd26-d732f420abbf
  9. Get the Identifier (Entity ID) field and the the Reply URL:
    1. login to your corporategift.com account (you must be an account owner or a super admin), and navigate to the my integrations section: https://account.corporategift.com/my-integrations/
    2. Click on the SSO tab, select Microsoft Azure and click "Add"
    3. enter you company name in the company name field remove spaces and kip and convert all letters to lowercase
    4. copy the the Identifier (Entity ID) field and the the Reply URL
      Screenshot 2026-04-25 at 21.49.38
  10. Fill the configuration details as bellow:
    1. In Identifier (Entity ID) field add the identifier url you copied in the previous step  :
      make sure it matches what you see in the SSO settings on corporategift (should end with "metadata"
    2. Remove this first auto added option. (the one starting with "http://asapplicationregistery...")
    3. In the Reply URL section add the Reply URL you copied in the previous step  :
      make sure it matches what you see in the SSO settings on corporategift (should end with "acs"


      screenbud-cdec67a2-3969-4787-98a5-0e84c8eaaeac
    4. Save.
  2. Now we need to edit the User Attributes & Claims section:
    1. Click Edit:
      screenbud-9b58001f-349a-4ce8-8502-73eef2137d7d
    2. Click on Unique User Identifier
      screenbud-c6329fe0-3227-42d5-87d6-94edcd86b405
    3. Change the "Name identifier format" to Default and the  "Source attribute" to user.userprincipalname.
      screenbud-a0d25297-3a95-4c4c-abfb-59c85885aafe
      1. Save it.
    4. Next we will make some more changes to the Additional claims section:
      1. Delete rows data:
        1. emailaddress
        2. givenname
          unnamed (11)
      2. change the following rows:

        replace - "https://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" to "name" and its value to "user.givername"
        replace - "https://schemas.xmlsoap.org/ws/2005/05/identity/claims/surnameto "surname" and its value to "user.surname"

        Finally it should looks like this:


      unnamed (12)
    5.  
      I you would like to send also the user's Department, if the user needs to be assigned in Corporategift.com  to a specific department (ex. sales/marketing)
      1. Add new department attribute:
        1. Click on Add new claim

          attributes_claims_b1
        2. - Set name to department
          - set source attribute to user.department
          - save it.
          manage claim
  3. Last step is to copy the required data and email it your account success manager so corporategift.com can complete the setup and configure the SSO:
    1. Copy Login URL and Azure AD Identifier from step 4.
    2. Download the Certificate (Base64) in SAML Signing Certificate section
    3. add the Login URL, Azure AD Identifier and the Certificate and in the my integrations section (from step 9) - and continue to configure the SSO on the corporategift.com account.

screenbud-9b870533-576c-4f3a-9418-a7c27704db66

That's it, once your SSO is finalized on corporategift side you are ready to go.

12. Once the app is confirmed, go to Azure Active Directory > Enterprise Applications, and select the application you registered for SSO.

- Under Properties, toggle Visible to users to yes.
- Under "User and Groups" Assign users groups to be able to use the SSO

- Now the app can be added to a Collection for My Apps page for Azure Initiated Login.

Screenshot 2024-03-27 at 11.17.46

 

Enjoy Gifting!