• Products
  • Get started
  • Documentation
  • Resources

Configure Azure Active Directory SSO

Azure Active Directory is a Microsoft Azure service that provides identity and access management. Opsgenie supports single sign-on with Azure AD. That way, your organization can incorporate Opsgenie into your application base in Azure AD, and this way, your users can access Opsgenie securely. Learn more about configuring SSO for Opsgenie.

Add Opsgenie application to Azure Active Directory

To configure SSO with Azure Active Directory:

  1. From your Opsgenie account, go to Settings > Login and SSO.

  2. Select Azure Active Directory. You’ll see a list of instructions and empty fields to connect Azure with Opsgenie.

  3. To start setting up Azure, leave this page open in a tab, and log in to your Azure Portal from your browser. We’ll go back to this page later.

  4. When logged in to your Azure Portal, select View under Manage Azure Active Directory.

  5. From the left side menu, select Enterprise applications. This is the directory where you’ll add the Opsgenie application.

  6. Select New application from the top panel. You’ll access the Azure AD Gallery.

  7. Search for Opsgenie.

  8. Select Create and add Opsgenie as an application.

Set up SSO

Now that you’ve added Opsgenie as an enterprise application, you can start setting up SAML.

From your Azure Portal, go to Single sign-on tab and select SAML. Here, the setup settings are listed step by step. We’ll configure the steps with the edit (pencil) button on the top right.

Step 1

  1. Select the Edit button of Step 1.

  2. You need to enter Identifier (Entity ID) and Reply URL fields on this step. This information is located in the Instructions section of the Azure Active Directory page of Opsgenie. Go back to your open tab, where you have the Azure Active Directory page from your Opsgenie.

  3. In the Instructions section, you'll see two links that are generated for your account. The first link is the App ID URI, and the second one is the Reply URL. Enter Opsgenie’s App ID URI into Azure AD’s Identifier (Entity ID) field on Step 1.

  4. Enter Opsgenie’s Reply URL into Azure AD’s Reply URL field.

  5. Leave the Sign on URL section empty.

  6. Select Save on the top panel. You'll be redirected to the setup screen.

Step 2

  1. Select the Edit icon of Step 2.

  2. Under Claim name, select Unique User Identifier (Name ID).

  3. Update the Source Attribute by selecting it. Search for user.mail and select.

  4. Select Save and exit to the setup page.

Step 3

  1. On Step 3, find the App Federation Metadata Url link and copy it.

  2. Switch back to your Opsgenie tab and paste the copied link into Metadata URL field.

Step 5

  1. Switch back to your Azure AD portal and go to the Step 5 section of the setup. Copy the Login URL link.

  2. Go back to your Opsgenie tab and paste this into the SAML 2.0 Endpoint field.

Complete the setup

  1. If you wish to enable auto-provisioning, select the Provision new users on the first login automatically checkbox and select a user role.

  2. Select Enable Single Sign-On checkbox.

  3. Select Apply settings.

Make sure that email addresses of users are exactly same on both Opsgenie and your Azure Active Directory.

Now users in your active directory can log in with Opsgenie via SSO using their directory credentials.

Additional Help