Who is this article for?
This article will show you how to set up Azure as an Identity Provider (IdP) for WorkRite
Please login to your Workrite account:
- Select Management System
- Select Company from the left hand navigation menu
- Select the Security panel
- Under SAML Single Sign-on, Status - Select On and click Save Changes
- Select Generate SAML Metadata and save to a location on your computer. This is an .xml file you will need in a later step (by default this is named WORKRITE_METADATA.xml).
Adding Workrite from the gallery
To configure the integration of Workrite into Azure AD, you need to add Workrite from the gallery to your list of managed SaaS apps.
To add Workrite from the gallery, perform the following steps:
- In the Azure portal, on the left navigation panel, click Azure Active Directory icon.
- Navigate to Enterprise Applications and then select the All Applications option.
- To add new application, click New application button on the top of dialog.
- In the search box, type Workrite, select Workrite from result panel then click Add button to add the application.
Configure Azure AD single sign-on
To configure Azure AD single sign-on with Workrite, please follow the below steps:
- In the Azure portal, on the Workrite application integration page, select Single sign-on.
- On the Select a Single sign-on method dialog, select SAML/WS-Fed mode to enable single sign-on.
- On the Set up Single Sign-On with SAML page, click Edit icon to open Basic SAML Configuration dialog.
- On the Basic SAML Configuration section, perform the following steps:
- Upload the metadata file as indicated above.
In the Sign-on URL text box, type a URL using the following pattern:
- On the Set up Single Sign-On with SAML page, in the SAML Signing Certificate section, click Download to download the Certificate (Base64) from the given options as per your requirement and save it on your computer.
- On the Set up Workrite section, copy the appropriate URL(s) as per your requirement.
- Login URL
- Azure AD Identifier
- Logout URL
To configure single sign-on on Workrite side, you need to use the X.509 certificate button and a text box will appear. Paste in your signing certificate and click update to save all the details entered.
Certificates must be in PEM format and base 64 encoded.
If you need assistance formatting your SAML signing certificate, you can do so here https://www.samltool.com/format_x509cert.php