Using Pipedrive single sign-on with Azure AD
Pipedrive's single sign-on (SSO) feature integrates with Azure AD to ensure that your team can access Pipedrive easily using your identity provider.
Install an app and assign a user
The first step for you to set up Pipedrive single sign-on with Azure AD is to install an app. Go to your Azure Portal and, in Azure AD, add a new application.
To do this, go to the sidebar on the left-hand side of the page, select "Enterprise applications - New application" and search for Pipedrive.
You can rename the app if you wish, Pipedrive XYZ in the example below. Next, click "Create".
Click into your new app in Azure AD, and add yourself to the app by clicking on the "Assign users and groups" option. To start, add yourself to the account.
Once you have added yourself to the application, click on the Single-sign-on-option > SAML.
In your Pipedrive account, go to Settings - Security Centre - Single sign-on.
In Azure, go to the Single-Sign-On > SAML section of your Pipedrive app settings and copy and paste the values from your Pipedrive web app settings page.
You should first match the values from the Metadata URL in Pipedrive to the Azure AD Identifier, as well as Pipedrive's single sign-on (SSL) URL to Azure's Reply URL.
Next, in Azure AD you will need to add your User Attributes & Claims.
Once done, you should then copy the App Federation Metadata Url from Azure and paste it to the Issuer field in Pipedrive.
Next, you will need to download the Certificate (Base64) from Azure AD. Once downloaded, open the certificate in any text editor and copy and paste the text to the X.509 certificate field in your Pipedrive SSO settings page.
You will then need to match your Login Url from Azure to the single sign-on (SSO) URL in Pipedrive.
Testing the SSO setup
The next step is for you to test your SSO setup. On your Pipedrive SSO settings page, click on "Test". If the setup has been successful, you should see the following message – "SSO login test successful! Enable SSO/SAML for users?"
You can now select "Enable for users" in order to enable the feature. You should then log out from Pipedrive, go to your Office 365 account home page and select your Pipedrive app from your list.
This will initiate an IDP login and, if you are logged in successfully, your SSO has been set up correctly.
If you would like your team to start using SSO, you can go to your Pipedrive SSO settings page and click "Enforce SSO login".
Was this article helpful?