SSO (Single Sign-On) is a fast and convenient way to login for all employees. With SSO you can give automatic viewing access to all (or parts of) employees of your company.
SSO is available for Enterprise accounts as an add-on. For more details, check our intro and FAQ.
โ
To start the SSO setup, reach out to your Customer Success Manager.
Once in the setup process, you can use the example below if you use MS Entra (Azure).
Frontify is part of the Microsoft Entra App Gallery and so can be found easily in the app directory, and they also have a tutorial available there.
Go to Entra
Create a new Enterprise Application, Select non-gallery application and give it a name
Select Set up single sign on
Select SAML
From the SAML signing section, download the Federation metadata XML and pass it onto your Frontify contact
Upload the returning metadata at
* Please be aware that configuring the Relay State and Logout URL as mandatory, rather than optional as offered by Entra, is essential.
Group Mapping with Entra
Please see the general overview on setting up group mapping here.
After adding the groups attribute to your Attributes & Claims, you can choose which Entra groups should be sent to Frontify with users. This is helpful if you have many Entra groups and only want some groups to be mapped to Frontify.
Important to note: assigning groups to the application is separate from user provisioning. You might provision only certain groups to have access to Frontify but what we are referring to in Attributes & Claims are what groups are being sent to Frontify for group mapping.
You can follow the screenshots below to Add group claims:
Of course, don't forget to then add that user group name in the "SSO group mapping" field in Frontify in order to add users to the associated Frontify group:
Detailed information about SSO group mapping can be found in this article.