Follow the below instructions to configure SSO for your Quoter account using Azure as the SAML identity provider.
You must be subscribed to our Pro or Enterprise plans
You must be an Account Owner to configure SSO for your Quoter account.
You must have a Microsoft Azure account with Azure AD Premium activated.
You must be a Global Admin or Co-admin account in Azure.
All of your users under your account in Quoter will need an account in Azure Active Directory with exactly the same email address. We don’t create user accounts under SSO.
Before turning this feature on, log in to your Quoter account twice - once in a regular browser and once in an incognito/private window to ensure that you are still logged in to your account if you get locked out in the other window. Alternatively, you can also log in using two separate browsers.
Log in to the Azure portal (https://portal.azure.com/). In the left-hand menu, click Azure Active Directory > Enterprise applications.
Click "New application" at the top of the screen.
Click the "Create your own application" button.
On the sidebar, give the new application a name, pick "Non-gallery" application, then click the "Create" button at the bottom of the screen. This will add a custom application to your Azure Active Directory.
Once the application loads, click Users and groups in the left-hand menu. Click + Add user to assign users or user groups to this application.
Next, click Single sign-on in the left-hand menu and then on the SAML button.
Setting up Single sign-on with SAML in Azure
Basic SAML Configuration
1. In the setup screen, click the pencil icon in the Basic SAML Configuration box.
2. Enter the following URLs in the fields provided, replacing subdomain with your subdomain:
Identifier (Entity ID): subdomain.quoter.com
*Please note: Entity ID must be entered without https
Reply URL (Assertion Consumer Service URL): https://subdomain.quoter.com/users/login_saml
Sign On URL: https://subdomain.quoter.com
Logout URL: https://subdomain.quoter.com/users/logout
3. Be sure to fill in your Quoter subdomain where it says subdomain above. Note that there's no trailing slash at the end of the URL. Click Save at the top of the form when finished.
User Attributes & Claims
Return to the setup screen and click the pencil icon in the User Attributes & Claims box.
Click Unique User Identifier (Name ID).
Enter a name and select user.mail in the Source attribute drop-down menu. Click Save at the top of the form.
SAML Signing Certificate
Return to the setup screen and click the pencil icon in the SAML Signing Certificate box.
Enter a notification email for the certificate expiry reminders. Click Save at the top of the form.
Back in the setup screen, click to download the Certificate (Base64) to save the certificate file on your computer.
Setup <Your Application Name>
1. Return to the setup screen and click the View step-by-step instructions link in the Setup <Your Application Name> box.
2. Review the documentation that will guide you through filling out the:
Login URL (a.k.a. SAML Single Sign-On Service URL)
Azure AD Identifier (a.k.a. SAML Entity ID), and
Logout URL (a.k.a. Sign-out URL) fields.
Test Single Sign-on with <Your Application Name>
1. Return to the setup screen and click the Test button in the Test Single Sign-on with <Your Application Name> box to check if single sign-on is working.
Leave the Azure portal open as you continue onto configuring Quoter. You will need to refer to it frequently in the next section of this KB.
After setting up Azure, you need to configure your Quoter account to authenticate using SAML. You will need a few pieces of information from Azure to complete this step.
It's highly recommended that before you begin the below set of instructions, log in to your Quoter account twice - once in a regular browser and once in an incognito/private window.
Alternatively, you can also log in to two separate browsers to ensure that you are still logged in to your account in case you are locked out in the other window.
1. Log in to Quoter and click Account from the top navigation bar.
2. Click Authentication and then turn the Enable SAML SSO toggle switch to ON. Once this is turned on, a form will appear. You will need to collect information from Azure and enter it into this form.
Copy the Azure AD Identifier (a.k.a. SAML Entity ID) and paste it in the Quoter Issuer (Entity ID) field.
Copy the Login URL (a.k.a. SAML Single Sign-On Service URL) and paste it in the Quoter SAML Login URL field.
Copy the Logout URL (a.k.a. Sign-out URL) and paste it in the Quoter SAML Logout URL field.
Open your Base64-encoded SAML Signing Certificate downloaded from Azure portal in Notepad, copy the content of it onto your clipboard, and then paste it in the Quoter Certificate field. Important: Ensure there are no extra spaces trailing at the end of the Certificate string (i.e. after -----END CERTIFICATE-----).
3. Click Save to complete the setup of your account only when all information has been entered. If you turn on SSO before the information is entered, it will break the login experience for all users on your account.
Once you make this change, you can test your access.
Testing SSO authentication
Before you configured SSO, you should have opened Quoter in two separate browsers. If you get locked out, you will be able to use the incognito/private window to turn off SSO while you investigate the cause.
To make sure SSO is working, perform these steps:
Log out of and close the Azure management portal and the Azure AD access panel.
In a new browser session, navigate directly to the access panel at http://myapps.microsoft.com.
Enter your Azure AD credentials to log in. After authentication, you will be able to interact with the applications integrated with the directory.
Click on the SSO application you created to be redirected and logged in to Quoter.
Another way to test SSO access is to go to your account subdomain (subdomain.quoter.com) directly.