Microsoft Azure Active Directory is a SAML based identity provider like OneLogin and Okta. It allows you to effectively manage access to your Helpshift Dashboard using a secure and scalable identity management system. The benefits of using Azure Active Directory with Helpshift Dashboard include:

  • Ease of access: no need to manually type in, renew, or worry about weak login credentials causing security issues
  • Prevent common weak points in the authentication experience, including username/password login and password reset requests
  • Quickly and easily block credentials for a team member who is no longer part of your support organization

Note: Only Helpshift Admins can execute the following steps given below, where OneLogin is configured in your Helpshift Dashboard.

To use the Microsoft Azure Active Directory with Helpshift Dashboard:

  1. In the Microsoft Azure portal, navigate to the ‘Enterprise Applications’.
  2. Click the ‘New application’ and navigate to the ‘Non-gallery application’.
  3. Select the name of your application and click ‘Add’.
  4. The App page appears.
  5. Navigate to the ‘Single Sign-on’ section and select the ‘SAML’ option.
  6. The SAML Configuration page appears.
  7. Edit the ‘Basic SAML Configuration‘ and enter the following details:
      Identifier –  https://<your-domain>.helpshift.com
      Reply URL (Assertion Consumer Service URL)- https://<your-domain>.helpshift.com/login/saml/acs/
      Sign on URL – https://<your-domain>.helpshift.com/login/saml/idp-login
      Relay State – https://<your-domain>.helpshift.com/admin
      Logout URL – leave blank
  8. Click ‘Save’.
  9. Edit the ‘User Attributes & Claims‘.
  10. Edit the ‘Name identifier value‘ and confirm the ‘Choose name identifier format’ is same as given ‘Email address‘.
  11. In the ‘SAML Signing Certificate‘, download the ‘Certificate (Base64)‘ and copy the ‘Login URL and ‘Azure AD Identifier’.
  12. Open the Helpshift Dashboard and navigate to Settings.
  13. Navigate to Integrations and turn on the Single Sign-On (SAML – SSO).
  14. Select the ‘Identity Provider (IdP)’ as ‘Azure Active Directory‘ and add the ‘Login URL‘ in the ‘SAML 2.0 Endpoint URL‘ text field.
  15. Add the certificate content in ‘X.509 Certificate‘ (without using the ‘—–BEGIN CERTIFICATE—–‘ and ‘—–END CERTIFICATE—–‘ lines).
  16. Add the ‘Azure AD Identifier‘ as ‘Issuer URL‘. Make sure that you do not check the ‘Disable Login through Email and Password‘ checkbox.
  17. Click on ‘Apply changes‘ and Logout.
  18. On the Helpshift Login page, you will see the ‘Azure Active Directory‘ as a new option to log in.