Skip to main content

Set up SSO with Entra ID (Azure AD)

Integrating Harvestr with Entra Identity Provider for SAML SSO

Marina Salmon avatar
Written by Marina Salmon
Updated yesterday

This guide explains how to set up SAML-based Single Sign-On (SSO) between Entra ID (formerly called Azure Active Directory) and Harvestr.

✅ Prerequisites

To set up SSO with Azure AD, you must:

  • Be an Azure AD administrator

  • Have a Harvestr account with Editor rights

  • Use a Harvestr Elite plan

Step 1 — Add Harvestr as a new enterprise application

  1. Go to the Microsoft Entra admin center: https://entra.microsoft.com

  2. In the left sidebar, select Applications > Enterprise applications

  3. Click + New application

  4. Select Create your own application

  5. Name it Harvestr, choose Integrate any other application you don’t find in the gallery (Non-gallery)

  6. Click Create

Step 2 — Configure SAML-based SSO

  1. Once the Harvestr app is created, go to Single sign-on

  2. Choose SAML as the sign-on method

  3. Under Basic SAML Configuration, click Edit and enter the following values:

Field

Value

Identifier (Entity ID)

https://app.harvestr.io

Reply URL (Assertion Consumer Service URL)

https://app.harvestr.io/sso/saml/acs

Sign on URL (optional)

https://app.harvestr.io/login

  1. Click Save

Step 3 — Set up User Attributes & Claims

Make sure the following claims are configured:

Claim Name

Value

email

user.mail

firstName

user.givenname

lastName

user.surname

These fields allow Harvestr to auto-provision user profiles on first login.

Step 4 — Download your SAML certificate and metadata

  1. In the SAML Signing Certificate select Download for Certificate (Raw) to download the SAML signing certificate.

  2. Return to the SAML SSO section of your Harvestr organization settings. Click on Enable and force SAML authentication for your organization.

    Paste the IDP metadata from previous step 8 and select Enable and force SAML authentication.

Step 5 — Test the SSO connection

Once the Harvestr team confirms SSO is configured on our side:

  1. Assign yourself (and/or your team members) to the Harvestr enterprise app in Azure AD

  2. Navigate to https://app.harvestr.io/sso/saml/login to test the login

  3. You should be redirected to the Azure login page, then into Harvestr


Need help?

If you run into any issues or have questions about your Entra ID configuration, feel free to contact us via our support chat.

Did this answer your question?