All categories
Blog
Knowledge Base
Academy
Community

No results for ""

Knowledge Base

Using Pipedrive Single sign-on with Azure AD

BF
Breandan Flood, September 24, 2021
Note: This can only be set up by the admin user in both Azure AD and your Pipedrive account.

Pipedrive's Single Sign-on (SSO) feature integrates with Azure AD to ensure that your team can access Pipedrive easily using your identity provider.


Install an app and assign a user

The first step for you to set up Pipedrive SSO with Azure AD is to install an app. Go to your Azure Portal, and in Azure AD add a new application.

To do this, go to the sidebar on the left-hand side of the page, and select Enterprise applications - New application, and search for Pipedrive.

Azure AD select PD

You can rename the app if you wish, Pipedrive XYZ in the example below. Next, click Create.

Pipedrive XYZ

Click into your new app in Azure AD, and add yourself to the app by clicking on the Assign Users and groups option. To start, add yourself to the account.

Note: The first user added to Azure AD should be an admin user in Pipedrive and Azure AD.

Azure getting started

Configuring SSO

Once you have added yourself to the application, click on the Single-sign-on-option > SAML.

SSO SAML

In your Pipedrive account, go to Settings - Security Centre - Single sign on.

SSO SLO-Removed


In Azure, go to the Single-Sign-On > SAML section of your Pipedrive app settings, and copy and paste the values from your Pipedrive web app settings page.

You should first match the values from the Metadata URL in Pipedrive to the Azure AD Identifier, as well as Pipedrive's Single sign-on (SSL) URL to Azure's Reply URL.

SAML
SAML2


Next, in Azure AD you will need to add your User Attributes & Claims.

User A Claims

Once done, you should then copy the App Federation Metadata Url from Azure, and paste it to the Issuer field in Pipedrive.

SAML3
SSO


Next, you will need to download the Certificate (Base64) from Azure AD. Once downloaded, open the certificate in any text editor and copy and paste the text to the X.509 certificate field in your Pipedrive SSO settings page.

SAML Cert
Cert blur

You will then need to match your Login Url from Azure, to the Single sign-on (SSO) url in Pipedrive.

Login URL
SSO url


Testing the SSO setup

The next step is for you to test your SSO setup. In your Pipedrive SSO settings page, click on Test. If the setup has been successful, you should see the following message - "SSO login test successful! Enable SSO/SAML for users?"

Note: You should not click Enforce SSO login yet.


You can now select Enable for users in order to enable the feature. You should then logout from Pipedrive, go to your Office 365 account home page, and select your Pipedrive app from your list.

This will initiate an IDP login, and if you are logged in successfully, your SSO has been set up correctly.

If you would like your team to start using SSO, you can go to your Pipedrive SSO settings page and click Enforce SSO login.

Note: For additional information on setting up SSO with Azure AD, you can read this article.
Was this article helpful?

Yes

No

Related articles

Got any questions?

Contact us