Zoho billing logo Help Docs
/

SSO with Microsoft Azure as IdP

Microsoft Azure is a cloud-based identity and access management service that can be configured to provide Single Sign-On (SSO) functionality for the customer portal. With this configuration, your customers can sign in to Microsoft Azure and be automatically signed in to the portal using a single set of login credentials.

Note: This feature is available only for certain plans of Zoho Billing. Visit the pricing page to check if it's available in your current plan.

In this document, let’s look at how you can set up Single Sign-On.

Create an Enterprise Application in Microsoft Azure

You must first create an SAML application in Microsoft Azure to configure the SSO with the customer portal. Here’s how you can do it:

  • Log in to your Microsoft Azure account.

  • Click Microsoft Entra ID under Azure Services in the top of the page.

  • In the Default Directory Overview page, Click +Add.

  • Select Enterprise application as the application type.

  • In the Browse Microsoft Entra Gallery page, click +Create your own application.

  • In the popup, enter a name for your application and choose Integrate any other application you don’t find in the gallery (Non-gallery).

    Note: This step allows you to manually add a custom SAML 2.0 application as a connection for Zoho Billing, this ensures that your application is secure and private.

A new enterprise application will be created. You can then start setting up the Single Sign-On for the application.

SAML Configuration for Your Application

After you’ve created an application, you must configure the Single Sign-On for the application to set up the connection between Zoho Billing and Microsoft Azure.

Prerequisite: ACS URL and Relay State URL from Zoho Billing is required to configure the SAML settings in Microsoft Azure. For this, go to Settings > Customer Portal > General > Portal SSO. If the URLs are not available, reach out to us at support@zohobilling.com for further assistance.
  • Go to the application you created in Microsoft Azure.
  • In the Application’s Overview page, click Get started in the Set up single sign-on section.
  • Select SAML as your single sign-on method.
  • Navigate to Basic SAML Configuration and click Edit.
  • In the Basic SAML Configuration page, configure the following fields:
    • Identifier (Entity ID): Paste the Portal URL from Zoho Billing to set the default identity provider.
    • Reply URL (Assertion Consumer Service URL): Paste the ACS URL provided by Zoho Billing, Microsoft Azure will deliver the SAML responses after a user signs in.
    • Relay State URL: Paste the Relay State URL from Zoho Billing.
  • The other fields can be configured with the default selection, as they are already set to values that are compatible with Zoho Billing.

The SAML configuration in Microsoft Azure will be complete.

Configure Portal SSO in Zoho Billing

Once you have configured your SAML application in Microsoft Azure, you must configure the portal SSO in Zoho Billing to complete the set up.

  • Log in to your Zoho Billing organisation.

  • Go to Settings on the top right corner of the page.

  • Click General under Customer Portal.

  • Click Configure in the Portal SSO section to set up the Single Sign-On for your organisation’s customer portal.

  • Now, go to your application in Microsoft Azure.

  • Select the application that you’ve created.

  • Navigate to Manage on the left side bar and select Single sign-on.

  • Copy the Login URL and paste it in the Login URL field in Zoho Billing.

  • Copy the Logout URL and paste it in the Logout URL field in Zoho Billing.

  • Copy the Login URL and paste it in the Reset Password URL field in Zoho Billing.

  • You must paste the Certificate (Base 64) in the Public Key field in Zoho Billing. To do this:

    • Go to SAML Signing Certificate and click Download adjacent to Certificate (Base 64).
    • Open the downloaded certificate with any text editor.
    • Copy the entire contents, including the Begin Certificate and End Certificate.
    • Paste this into the Public Key field in Zoho Billing.
    Warning: Ensure you copy the certificate including both `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` , else the SSO configuration will be invalid.

  • Click Save.

The Single Sign-On (SSO) between Microsoft Azure and the portal will be set. Your customers can sign in to their Microsoft Azure AD account, and will be automatically signed in to the portal using a single sign-on, ensuring a secure and seamless authentication experience.

Test the Configured Single Sign-On Set Up

Once the application is set up and the SSO configuration is complete, you can test if the setup is working as expected from your application in Microsoft Azure. Here’s how:

  • Go to your application in Microsoft Azure.
  • Navigate to Single sign-on under Manage on the left side bar.
  • Scroll to the Test single sign-on with “application name” section.
  • Click Test.

You will be directed to the sign-on page where you can test it.

Was this document helpful?
Yes
No

Thank you for your feedback!

ON THIS PAGE