Configuring SSO with Microsoft Entra ID
  • 24 Jul 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Configuring SSO with Microsoft Entra ID

  • Dark
    Light
  • PDF

Article summary

Setting up SSO for Microsoft Entra

Learn how to set up SSO logins for your organization that uses Microsoft Entra (f.k.a. Azure AD).

Note

The content below may be outdated as Microsoft makes changes. In addition to reviewing our setup information, we recommend checking out Azure's Marketplace app page.

Step 1

  1. From your home screen, click the menu in the top left corner.

  2. Select Azure Active Directory

Step 2

Click Enterprise applications 

Step 3

Click New application

Step 4

  1. Search for and select "Airtable."  

  2. Click Add

Step 5

  1. Click Set up single sign on

  1. Click SAML

Note

It's necessary to confirm that the identifier "Entity ID" field in your Azure SAML configuration is set as https://airtable.com/sso/metadata0418.xml. If the URL does not match, then this will prevent a valid SAML response.

Step 6

  1. Click Download to the right of "Certificate (Base64)."

  1. Copy and paste the "LoginURL."

Once complete, submit your "Login URL" and "SAML" signing certificate. Learn how to open .cer files in a text editor by following the steps in the Configuring SSO in the admin panel article

After completing the above steps, you should be able to log in from https://airtable.com/sso/login.

Troubleshooting

If you encounter any issues or need additional assistance, please get in touch with us. You can also review the Azure Active Directory single sign-on (SSO) integration with Airtable tutorial

FAQs

If another team in my company already uses SSO with Airtable, how does this impact my Business or Enterprise Scale account?

In Airtable, our system expects Enterprise Scale accounts using shared domains—domains federated to multiple Enterprise accounts—to use the same SAML metadata for SSO. What this means is that if your company has existing Enterprise Scale accounts with SSO configured, you will need to coordinate with the admins (or IT department) of the other accounts to obtain the current sign-in URLs, x.509 certificates, and ensure that your users have the necessary access to the Airtable tenant present in your company’s identity provider.

You can configure separate tenants or identity providers for domains unique to Enterprise Scale accounts, as each domain can be configured with its own SAML metadata.


Was this article helpful?