This feature is only available to Enterprise customers
Set up Azure Active Directory
- Select Enterprise Applications from the left menu
- Select New application
- Select Create your own application
- Add the name as Runn SSO and select Integrate any other application you don't find in the gallery
- Select Single sign-on from the left menu
- Select SAML
- Under Basic SAML Configuration select edit
- Add Identifier (Entity ID) as your company name with lowercase and dashes. For example, my-company
- Add Reply URL as https://app.runn.io/users/auth/saml/callback (if you are using a subdomain, replace app with your subdomain)
- Leave the rest blank and press Save
- Under User Attributes & Claims press Edit
- Edit the http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name to be user.displayname and save
- You are now finished the initial set up. You will need to ensure the right users & groups have access to the this enterprise app.
Set up in Runn
- Visit Account Settings and press Edit
- Add an Alias, which is used for easily identifying your account.
- Turn on SAML SSO
- Press Save
- Edit account settings again, and you will see the SAML Settings box.
- Add the Runn SSO Callback URL to the Reply URL in Azure AD if you haven't completed this step already
- Copy the Identifier (Entity ID) [1] from Azure AD and paste into the Issuer field in Runn. In our example it was my-company
- Copy the Login URL [4] and paste it into SSO Target URL within Runn
- Download the Certificate (Base64) [3] and copy the value inside this. Add the value into IDP Certificate.
This should be base64 encoded and start with
-----BEGIN CERTIFICATE----- - Leave Email claim as the default value
- Leave Name claim as the default value
- Press the Save on the SAML Settings box
Testing and FAQ
See our general SAML help for information on testing and additional settings.