Azure AD integration with Zoho Vault
(Available in Enterprise Edition only)
Zoho Vault provides an option for IT administrators to integrate with Microsoft's Azure Active Directory for easy collaboration and user management. With this integration, there are two primary benefits:
- It provides centralized user management from the Azure AD portal and control over who can access Zoho Vault.
- Users can access Zoho Vault with their existing Azure AD credentials.
This integration involves three steps:
- Add Zoho from the Azure gallery
- Configure Azure AD Single Sign-on
- Assign Users
Note: Only the Super Admin(s) can enable Azure AD Single Sign-on for their organizations.
- A valid Azure subscription
- A Zoho Vault account with Enterprise Edition license
- Completion of the first step of Domain Configuration, as shown here.
Adding Zoho from the Azure gallery
- Log in to the Azure portal and click Azure Active Directory from the panel on the left.
- Select Enterprise applications under Manage and click All applications.
- Click New Application to add your application from the gallery.
- Search for Zoho and add it from the search results by clicking Add.
Configuring Azure AD Single Sign-on
- Access your Azure portal and navigate to Azure Active Directory >> Enterprise application >> All Application and select Zoho. Under Manage, select Single Sign-on and set your Single sign on mode to SAML.
- Edit the Basic SAML Configuration section to fill the Identifier, Reply URL and Sign on URL details. Set https://accounts.zoho.com/samlresponse/your-verified-domain as your Reply and Sign-on URL.
Note: Replace <your-verified-domain> with your actual verified domain URL
- Set the Identifier as zoho.com and the Relay State as aHR0cHM6Ly92YXVsdC56b2hvLmNvbV9fSUFNX19ab2hvVmF1bHQ=
- Edit the SAML Signing Certificate field to download and save the certificate on your computer Base64 certificate.
- Copy the details of the Login URL, Azure AD Identifier and Logout URL from the Set up Zoho section for your reference.
- Log in to your Zoho Vault account as a super admin, navigate to the Admin AD/LDAP Integration section from the Admin tab and select SAML Configuration
- Select Enter the IdP details manually and enter the Login and Logout URL details from the Azure portal in the corresponding Login and Logout URL fields.
- Upload the certificate downloaded earlier (extension must be .cer) and select RSA for the algorithm. Click Save and Enable to complete the set up.
- Access your Azure portal and navigate to Azure Active Directory >> Enterprise application >> All Application and select Zoho. Under Manage, select Users and groups.
- Click Add user and select Users and groups to add users from the list.
- Click Assign to complete the setup.
Users can log in to Zoho Vault using the Login URL copied from step 5 of Configuring Azure AD Single Sign-on.