Skip to main content
Submit or View Requests
Deutsch Español (España) Français (France)

Configuring Azure AD for SAML Authentication

Please note: The instructions listed in this article are exclusively applicable to those who have had SAML Single Sign-On activated for their company by Aircall. To have SAML Single Sign-On activated for your company, please contact your Account Manager. Please note that, at this time, this functionality is only offered for a limited number of customers.

______________________________

 

Step 1: Create an Enterprise Application

  1. Open Azure Portal
  2. From the navigation menu on the left-hand side, click on Enterprise applications
  3. Click on New Application
  4. Click on Create your own application
  5. Select the option “Integrate any other application you don’t find in the gallery (Non-Gallery)
  6. On the Create your own application modal, enter a name for your app(e.g. acme-saml@aircall)
  7. Click on Create

Step 2: Configure SAML

  1. From the Enterprise applications menu, select your app(e.g. acme-saml@aircall)
  2. Click on Single sign-on from the menu on the left-hand side
  3. Edit Basic SAML Configuration
    • Add Identifier (Entity ID) with 
      urn:amazon:cognito:sp:us-west-2_hZkGBmIsz
    • Add Reply URL (Assertion Consumer Service URL) with 
      https://sso.aircall.io/saml2/idpresponse
    • Click on Save

Step 3: Export Metadata

  1. On the same page, from the SAML Certificates section:
    • Click on the Download button of Federation Metadata XML
    • Or, right-click copy the URL of the Download button

For more information on SAML, please read more here or contact your Account Manager.

 

Troubleshooting

If you are receiving the error below when logging in, it indicates that the email address does not match between Aircall and Azure AD.

Please follow the steps below to ensure the email address matches in Azure AD: 

  1. Go to the user's details in Azure AD and find userPrincipleName. If userPrincipleName is not the same as the email address in Aircall then proceed further
  2. Go to SAML connection
  3. Edit Attributes & Claims
  4. Click on claims/emailaddress, which is usually the first field, with value user.mail
  5. Update Source attribute with user.userprincipalname and Save
  6. Recreate the SAML connection on Aircall and try to log in again
Kate

Related articles