Setting up SSO with Microsoft Entra

Create Application

1. Open the Microsoft Entra admin center at entra.microsoft.com

2. In the left menu, navigate to Applications > Enterprise applications. (You might need to click Show more)

   

3. Click New application

4. Click Create your own application.

5. Enter the following data.

   Field	Content
   What's the name of your app?	freispace
   What are you looking to do with your application?	Integrate any other application you don't find in the gallery (Non-gallery)

6. Click Create.

   A new application has now been created and its settings opened.

7. On the left sidebar, navigate to Single sign-on.

8. Select SAML as the single sign-on method.

   

9. Head over to freispace, and start by clicking Add tenant and entering a name for this connection, i.e. Microsoft.

   freispace will generate and display an Reply URL (ACS) and Identifier (Entity ID) right away.

Configuring Microsoft Entra

1. On Microsoft Entra, click the small Edit button on the top right.

   

2. Copy over the settings from freispace into Microsoft Entra.

   freispace	Microsoft Entra	Example data
   Identifier (Entity ID)	Identifier (Entity ID)	https://api.app.freispace.com/api/v1/saml2/xxx/metadata
   Reply URL	Reply URL (Assertion Consumer Service URL)	https://api.app.freispace.com/api/v1/saml2/xxx/acs
   Team Login URL	Sign on URL	https://app.freispace.com/login/xxx

   

3. Click the small Save button on the top left and the close the menu.

Configuring freispace

1. On Microsoft Entra, scroll down to SAML Certificates and click Download to get the Certificate (Base64).

   

2. Open the downloaded freispace.cer file in a text editor. (On windows, right-click the file, select Open with..., select Notepad and confirm with Just once.)

3. Select the file's entire content and copy it.

4. On freispace, paste the certificate's file content into the field IdP X.509 Certificate.

5. On Microsoft Entra, scroll down further and copy the settings from Set up freispace into freispace.

   freispace	Microsoft Entra	Example data
   IdP Issuer ID	Microsoft Entra Identifier	https://sts.windows.net/xxx/
   Login URL (SSO endpoint)	Login URL	https://login.microsoftonline.com/xxx/saml2
   Logout URL (SLO endpoint)	Logout URL	https://login.microsoftonline.com/xxx/saml2

   

6. Additionally, enter the following data.

   freispace field name	Data
   Namespace definition for given names	http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
   Namespace definition for surnames	http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname

7. On freispace, click Save settings.

8. Now, click Activate.

Final steps

1. On Microsoft Entra, navigate to Properties.

2. For the Logo, download and then upload this file: freispace-icon.png

3. Set Assignment required? to No.

   

4. Click the Save button up top.

Finally done! 🎉

Users may now login to freispace via Microsoft Entra.