Who can use this feature?
Available on Enterprise plan.
Accessible to Owners and Admins on Web App.
To enable Single Sign-On (SSO) functionality for your Alohi applications, Fax.Plus or Sign.Plus, via Microsoft Entra ID, facilitating seamless access for your team members directly from their Azure dashboard to Fax.Plus or Sign.Plus, it's essential that you possess administrative rights for both Fax.Plus/Sign.Plus and Microsoft Azure.
Step 1: Adding the Alohi App on Azure
- Sign in to the Microsoft Azure portal at https://portal.azure.com/.
- Navigate to Manage Microsoft Entra ID and select Enterprise applications.
- Click + New application, search for Alohi, and create it.
- Once on Alohi’s Overview page, click on Set up single sign-on, then SAML.
- In the Basic SAML Configuration section, make sure the data is as follows:
Identifier (Entity ID): https://sso.alohi.com/metadata
Reply URL (Assertion Consumer Service URL): https://sso.alohi.com/login
Step 2: Configuring SSO on Fax.Plus or Sign.Plus
- Activate SSO under the Security tab on Fax.Plus or Sign.Plus.
- Input Azure-provided details like Login URL and Certificates into Fax.Plus or Sign.Plus.
- On the SSO modal, paste the values below from Azure.
Azure Values Equivalents on Fax.Plus/Sign.Plus Login URL Single Sign-On URL Microsoft Entra Identifier Entity ID Certificate (Base64)* X.509 Certificate *To get the Certificate (Base64), click on Download. Open the certificate with MS Word or TextEditor.
- Check SSO Bypass to Allow Admins to also use email/password login.
- In SSO Type select Alohi SSO, and click on Next.
Step 3: Enabling SCIM for Automatic User Management
- Enable automatic user provisioning upon assigning the Alohi app in Azure by selecting the product Fax.Plus or Sign.Plus to which you wish to automatically add new users.
- Copy the Tenant URL and SCIM Token from Fax.Plus or Sign.Plus to Azure.
Step 4: Adding and assigning Users on Azure
- Add new users under Microsoft Entra ID.
- Assign the Alohi app to users for access to Fax.Plus or Sign.Plus.
Note: Ensure to restart provisioning after changes for immediate sync. Use the User access URL in the app's properties for direct login to Fax.Plus/Sign.Plus.