If you're looking for general instructions to link your SAML to Float's SSO feature please refer to the 'Setting up SAML Single Sign-On (SSO)' article.
Float's Azure integration allows companies to onboard their employees through Float's secure SAML-SSO service!
Float - Azure SAML integration guide
- Log into the Azure AD Admin Center.
- Navigate to 'Enterprise Applications' > 'New Application' > 'Create your application'.
- In the sidebar name the application "Float". Select 'Integrate any other application you don't find in the gallery (Non-gallery)' under the 'What are you looking to do with your application?' section.
DO NOT select any of the existing options under 'We found the following application that may match your entry.' - Click 'Create'. You will now be redirected to the application overview page for the "Float" app you've just created.
- In the sidebar, under 'Manage' > 'Properties', and add the image below as the app icon for "Float".
- Head back to 'Manage' > 'Single Sign-On' and select "SAML" as your single sign-on method.
- In the sidebar under “Manage” click “Single sign-on”. Then select “SAML” as your single sign on method.
- Click “Edit” under “Basic SAML Configuration”. Under “Identifier (Entity ID)” click “Add identifier” and enter the Entity ID that is provided in the “Service Provider Configuration Info” section of the Float SAML page. Under “Reply URL (Assertion Consumer Service URL)” click “Add reply URL” and enter the ACS URL provided in the “Service Provider Configuration Info” Section of the Float SAML Page.
Then hit “Save” in the top corner, and close the page.
If you do not use Microsoft as your email provider, skip to step 13. If you use Microsoft as your email provider, continue to step 9.
9. Click “Edit” in the “Attributes & Claims” section.
10. Under additional claims, click the claim with “Claim Name” “http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress”.
11. Change “Source Attribute” to “user.userprincipalname”.
12. Click “Save” and exit the page.
13. Under “SAML Signing Certificate”, click “Download” next to “Federation Metadata XML”. Please upload this file in the “Identity Provider Configuration Info” section in the Float SAML page using the “XML file” option.
14. Assign users to your application by clicking “Users and groups” in the “Manage” section of the sidebar.
15. Go back to the Float SAML page. Press the “Test” button to test signing in via SAML. This will redirect you to your IdP to sign in. If the sign in is completed successfully, you should see the status change to “Tested”.
If the status does not change, then there is an issue with your configuration in your IdP. Once you have successfully tested, you can then enable the SAML configuration for everyone in your organization.
Note: Float will redirect users to use your SAML sign in page based off of the domain of the user’s email - this is why we require your users email domain. If you add a user that does not belong to one of the domains you added, then that user will be authenticated via username and password.