Pipedrive's Single Sign-on (SSO) feature integrates with Azure AD to ensure that your team can access Pipedrive easily using your identity provider.
The first step for you to set up Pipedrive SSO with Azure AD is to install an app. Go to your Azure Portal, and in Azure AD add a new application.
To do this, go to the sidebar on the left-hand side of the page, and select Enterprise applications - New application, and search for Pipedrive.
You can rename the app if you wish, Pipedrive XYZ in the example below. Next, click Create.
Click into your new app in Azure AD, and add yourself to the app by clicking on the Assign Users and groups option. To start, add yourself to the account.
Once you have added yourself to the application, click on the Single-sign-on-option > SAML.
In Azure, go to the Single-Sign-On > SAML section of your Pipedrive app settings, and copy and paste the values from your Pipedrive web app settings page.
You should first match the values from the Metadata URL in Pipedrive to the Azure AD Identifier, as well as Pipedrive's Single sign-on (SSL) URL to Azure's Reply URL.
Next, in Azure AD you will need to add your User Attributes & Claims.
Once done, you should then copy the App Federation Metadata Url from Azure, and paste it to the Issuer field in Pipedrive.
Next, you will need to download the Certificate (Base64) from Azure AD. Once downloaded, open the certificate in any text editor and copy and paste the text to the X.509 certificate field in your Pipedrive SSO settings page.
You will then need to match your Login Url from Azure, to the Single sign-on (SSO) url in Pipedrive.
The next step is for you to test your SSO setup. In your Pipedrive SSO settings page, click on Test. If the setup has been successful, you should see the following message - "SSO login test successful! Enable SSO/SAML for users?"
You can now select Enable for users in order to enable the feature. You should then logout from Pipedrive, go to your Office 365 account home page, and select your Pipedrive app from your list.
This will initiate an IDP login, and if you are logged in successfully, your SSO has been set up correctly.
If you would like your team to start using SSO, you can go to your Pipedrive SSO settings page and click Enforce SSO login.