This is a technical document that will help you with configuring SAML 2.0 SSO, if you use Microsoft Entra ID (Azure AD) as your SAML 2.0 provider. Please see below instructions for configuration.
ContactMonkey supports both Service Provider and Identity Provider initiated SAML 2.0 support.
Note: you should have an open ticket/correspondence with our Technical Support team at this point. They will provide you with the relevant information needed (Application Callback URL, SP Entity ID) in order to complete your set up.
Microsoft Entra ID (Azure AD) Configuration Instructions
1. Go to the Microsoft Entra gallery and search for SAML toolkit and click on Microsoft Entra SAML toolkit.
2. Choose a name (e.g. ContactMonkey SAML) for the application, and click on Create.
3. Click on Set up single sign on.
4. Click on SAML.
5. Edit basic SAML configuration.
6. Set the following and then click Save:
- Identifier (Entity ID) to your ContactMonkey "SP Entity ID".
- Reply URL (Assertion Consumer Service URL) to your "ContactMonkey Application Callback URL".
- Sign on URL to https://contactmonkey.com/users/sign_in/sso?layout=desktop
- Note: Don't forget to change the domain to your region's domain if your're not on contactmonkey.com.
7. Go back to Single sign-on page and edit Attributes & Claims.
8. Edit the following claims:
- Click http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
- Change Name to email
- Remove Namespace value
- Click Save
- Click http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
- Change Name to first_name
- Remove Namespace value
- Click Save
- Click http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
- Change Name to last_name
- Remove Namespace value
- Click Save
9. Go back Single sign-on page and from SAML Certificates click Federation Metadata XML's download button to download the metadata file.
10. From the Users and Groups page, click Add user/group and assign the application to the users that should have access to ContactMonkey.
- Note: Only the assigned users can log into ContactMonkey using SSO.