Yoffix offers multiple SSO options:

  • Microsoft AD SSO

  • Google

  • Okta

  • OneLogin

  • OpenID/SAML.

You can find the instructions for enabling SSO in the Yoffix app (Settings -> SSO).

Yoffix SAML SSO tutorial for Microsoft AD

  1. Log in to your Azure portal

    Open https://portal.azure.com and go to Enterprise applications.

  2. Create SAML 2.0 application

    Click New application. Click Create your own application.

    On the opened page enter Yoffix as a name and select Integrate any other application you don't find in the gallery (Non-gallery). Press Create.

  3. Set up Single sign-on

    Go to the Single sign-on section and select SAML. On the Single sign-on page, click the Edit button at the top right of the Basic SAML Configuration section.

    • For the Identifier (Entity ID) enter https://api.app.yoffix.com/sso/saml/metadata

    • For the Reply URL (Assertion Consumer Service URL) enter https://api.app.yoffix.com/sso/saml/assert

    • Leave all other fields blank

    • Press Save

    Click Edit Attributes & Claims

    Click on the Unique User Identifier (Name ID) under Required claim and change Source attribute to user.mail

    Press Save

    Under Additional claims

    • Add email claim

    • Add first_name

    • Add last_name

    • You may remove other claims if you want

    Note that Namespace should be empty for added claims!

    You should end up with the following attributes setup

  4. Assigning users

    Go to the Users and groups tab and press the Add user/group button to add the users or groups that will use Azure SSO to sign in to Yoffix.

  5. Getting metadata

    Go back to the Single sign-on tab and press Download Federation Metadata XML.

Yoffix setup

  • Go to Settings → Integrations and click Microsoft AD under the SSO section

  • In the dropdown, select SAML

  • Add SSO Url and Certificate from the IdP.

  • SSO Url is the Login URL from step 4

  • Certificate is X509Certificate

  • Add up to 10 Email domains. Example: if your company emails (used for Single sign-on) have the format name@yourorgdomain.com, then you should add yourorgdomain.com