Skip to main content

Single Sign On Configuration

Beeceptor offers support for SAML 2.0-based Single Sign-On (SSO) login, allowing seamless integration with prominent identity management tools like Google Workspace, Azure Active Directory, Okta, among others, to delegate authentication for your users.

info

Please note that this feature is available under Enterprise plan.

Azure Active Directory

Enabling Azure Active Directory (Azure AD) for Beeceptor login involves the following steps in the new Azure Management Console.

  1. You need to access the Microsoft Azure Management Console and navigate to Azure Active Directory in the navigation pane.
  2. Select 'Enterprise Applications' and follow the provided tutorial for setup.
  3. Follow the below tutorial for complete setup.

Beeceptor Configuration Details

For configuring the Beeceptor details in Azure SAML application setup, please use the following required attributes:

  • Identifier (Entity ID): beeceptor.com
  • Reply URL (Assertion Consumer Service URL): https://beeceptor.com/auth/identity-provider/callback

azure-list-sso-attributes

Azure AD App Details

Map The Claims

To ensure Beeceptor receives attributes/claims from Azure AD, map the following attributes:

  • Update Unique User Identifier to user.mail.
  • Create displayName as new claim, and map it to user.displayname.

azure-list-sso-attributes

Response Signing

Beeceptor expects response as well as assertion signed. Use the following steps to enable it:

  1. Navigate to 'SAML Certificates' (step 3 on the same page) and click Edit.
  2. Within the 'Signing Option' section, opt for 'Sign SAML Response and Assertion'.
  3. Save your changes

azure-list-sso-attributes

Share With Beeceptor

To proceed further, provide the following information to Beeceptor support team:

  1. Your organization's email domain
  2. The Base64 encoded certificate
  3. Login URL
  4. Azure AD Identifier.

azure beeceptor share with support team

Optional Configuration

Additionally, to enhance the user experience, you can add the Beeceptor logo so that users can easily recognize the application. The Beeceptor logo is available at the following links:

azure add beeceptor logo

Assign Users Using Groups

Ensure to assign users or groups to the Beeceptor application. Only the assigned users will be able to see the Beeceptor app icon under "My Applications."

azure add users to beeceptor

  • Please note that Beeceptor does not support the syncing of Groups from Azure AD to Beeceptor. Permissions and roles are managed within Beeceptor per endpoint.

Test The Integration

The Beeceptor Support Team will complete the configuration for your domain. You can initiate testing once the support team confirms the setup. Just click the 'Test' button to validate the end-to-end integration.

It's worth noting that Beeceptor will automatically provision a user on their first login attempt. Users can log in to Beeceptor via SAML in two distinct methods:

IdP Initiated Login

Within your Microsoft or Office 365 account, click on App Launcher, click on All Apps and you will be able to see Beeceptor app there.

SP (Beeceptor) Initiated Login

Your users are requested to utilize the following link to access Beeceptor's Single Sign-On (SSO):

https://beeceptor.com/auth/identity-provider