How to Configure Azure AD SSO for Jotform Enterprise

November 21, 2024

Azure Active Directory (Azure AD) is an enterprise identity service that provides single sign-on (SSO), multifactor authentication, and conditional access services that you can easily integrate with Jotform. To get started you need to enable Single Sign-On in your Jotform Enterprise server. You also need an Azure AD account with admin permissions.

Creating Your Own Application

Jotform does not have an enterprise gallery application in Azure AD, so you need to add a non-gallery application to your Azure AD and configure it to use SAML-based SSO.

To create your own application

  1. Log in to your Azure AD admin center.
  2. On the left, go to Enterprise applications.
The Enterprise applications menu in Azure AD admin center
  1. On the next page, select New application.
The New application button in Azure AD
  1. Next, in the Microsoft Entra App Gallery, select Create your own application.
Instructional screenshot of the Microsoft Entra Gallery
  1. Enter a name for your app. Select the Non-gallery option, then click Create at the bottom.
Instructional screenshot of the create your own application screen in the Microsoft Entra Gallery

The setup wizard will redirect you to the app’s overview page once your app is created. Proceed to the next section to configure your Security Assertion Markup Language (SAML).

Setting Up Single Sign-On With SAML

To configure SAML

  1. On your app‘s overview page, go to Single sign-on under Manage on the left, then select SAML.
Instructional screenshot of Enterprise application's overview page with an arrow pointing to single sign-on

This will open the “Set up Single Sign-On with SAML” setup wizard which consists of five parts. Continue by completing the first two parts — Basic SAML Configuration and User Attributes & Claims.

  1. Edit the first part, Basic SAML Configuration.
Arrow guide to edit the basic SAML configuration in Azure AD
  1. Next, enter your Service Provider Metadata links.
The Basic SAML Configuration's required fields in Azure AD

The value to use for each field is as follows:

  • Identifier (Entity ID) — Use your Jotform Entity ID
    (e.g., https://example.jotform.com/sso/metadata.php).
  • Reply URL (Assertion Consumer Service URL) — Use your Jotform Service Provider Assertion Consumer Service URL
    (e.g., https://example.jotform.com/sso/?acs).
  • Sign on URL (Optional) — Use your Jotform Service Provider Assertion Consumer Service URL but replace ?acs with ?login
    (e.g., https://example.jotform.com/sso/?login).
  1. Save the changes, then exit the Basic SAML Configuration wizard.
  2. Now, edit the second part, Attributes & Claims.
Arrow guide to edit Attribute & Claims in Azure AD
  1. On the next page, select Unique User Identifier (Name ID).
Arrow guide to edit unique user identifier (name ID) under Attribute & Claims in Azure AD
  1. In the Source attribute field, enter user.mail. Save the changes, then exit the Attributes & Claims setup wizard.
Instructional screenshot of the Manage Claims page with arrows pointing to the Source Attribute text box and the Save button

Once that’s done, proceed to the next section to configure the Identity Provider Metadata settings in Jotform.

Integrating Azure AD SSO With Jotform

After completing the initial setup, Basic SAML Configuration and User Attributes & Claims settings, in your app, the next step is to provide your Azure AD details — which you can find in parts three and four of the “Set up Single Sign-On with SAML” setup wizard — to Jotform.

To integrate your Azure AD SSO with Jotform

  1. In the “Set up Single Sign-On with SAML” setup wizard, scroll down to the SAML Signing Certificate section and download Certificate (Base64).
The base64 certificate download in Azure AD
  1. Next, take note of your app’s Login URL and Azure AD Identifier URLs just below the certificate section.
Login URL and Azure AD Identifier URLs in Azure AD
  1. Now, open your Jotform SSO settings page in a new tab and enter the details in the Identity Provider Metadata fields.
Identity Provider Metadata fields in Jotform Enterprise

The value to use for each field is as follows:

  • Entity ID — Use your Azure AD Identifier.
  • SSO URL — Use your Azure AD Login URL.
  • Certificate — Use your Azure AD Certificate (Base64) file’s content.
    Note: To view your certificate, open it with a text editor (i.e., Notepad, TextEdit).
  1. Go back to your Azure AD SAML app page and assign your app to a user or group.
Assigning an app to a user or group in Azure AD
  1. Finally, go back to your Jotform SSO settings page and save your configuration.
Contact Support:

Our customer support team is available 24/7 and our average response time is between one to two hours.
Our team can be contacted via:

Support Forum: https://www.jotform.com/answers/

Contact Jotform Support: https://www.jotform.com/contact/

Send Comment:

Jotform Avatar
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Podo Comment Be the first to comment.