This article is an overview of the steps required to integrate ContractSafe with Active Directory hosted on Azure.  In order to set this up, you must have Admin or Account Manager access on ContractSafe and also Admin access on Azure. 

Step 1. In ContractSafe Settings, under Security & Integrations, turn on SSO and generate and copy the ContractSafe Saml2 Single Sign On URL.

Step 2.  In Azure Active Directory, go to Enterprise applications and then All Applications

Step 3.  Select + New Application and then search for ContractSafe in "Add from the gallery' to add the ContractSafe Saml2 SSO Application

Step 4.  After adding the ContractSafe application, click into the application and then select '2. Setup single sign on':

Step 5. Use the ContractSafe Saml2 URLs (copied in step 1) to replace the Identifier (Entity ID) and Reply URL in SSO settings in Azure:

Step 6.  In Azure, add a new Claim with the name of usermail and a Source Attribute of user.mail under 2 User Attributes & Claims: 

Step 7.  Under 3 in SML-based Sign-on either copy the App Federation Metadata Url or Download the Federation Metadat XML and upload or copy into ContractSafe Settings, under Security & Integrations. Then enter the word usermail in the Email Identifier field.

Step 8.  Add users to ContractSafe.  If users are not already added to the Active Directory, they must be added.  Users must be added to both the ContractSafe account and the Azure Active Directory.  The email addresses must match exactly. 

**Note:  Once the SSO is turned on, all users must login through the Azure SSO.  Only the account owner will be able to login to through the SSO and through the ContractSafe login. 

Step 9.  The final step is to test the single-sign-on with the ContractSafe Sml2 SSO 

If you need further assistance please use the chat icon in the bottom right-hand of your screen to ask us for help. You can also contact us a

Stay Safe!

Did this answer your question?