Configure your Microsoft Entra ID Single-Sign-On account in order to allow signups and logins to Torii.
In order to configure
Microsoft Entra ID
Directory SSO:
-
Sign in to the Azure management portal using your Azure Active Directory administrator account.
-
Choose "Azure Active Directory" -> "Directory" -> "Enterprise Applications".
-
Choose "New Application".
-
Select "Add from the gallery".
-
Search for "Torii" and select it once found.
-
Choose the "Configure Single Sign-on" section and select "SAML-based Sign-on" in the "Single Sign-on Mode" dropdown.
-
Configure the SAML integration with the following:
"Identifier": https://api.toriihq.com/api/saml/ORG_ID/callback
"Reply URL": https://api.toriihq.com/api/saml/ORG_ID/callback
"User Identifier": Select "user.mail" from the dropdown.
(replaceORG_IDwith your Organization ID. What is my Organization ID?) -
Download the "Metadata" XML file and continue from step 2 in Setup your Torii account to use SSO.
Note: The steps above cover everything you need to know. Microsoft has created a dedicated tutorial with images detailing the steps written above: Tutorial: Azure Active Directory single sign-on (SSO) integration with Torii
Enforce users to sign in using SSO
After you validated that your SSO configuration is in place and working as expected, you can go ahead and enforce all your users to login only via SSO - this is easier for them and better for the organization's security.
Go to the Settings -> Security page and change the state of the 'Enforce users to sign in using SSO' switch to On.