Admin Single Sign-On (SSO) Setup: Integrating Microsoft Entra ID with Vome

Admin Single Sign-On (SSO) Setup: Integrating Microsoft Entra ID with Vome

This article outlines how to integrate Microsoft Entra ID with Vome using SAML-based Single Sign-On (SSO). It covers the complete process - from adding Vome as a custom application in Microsoft Entra ID to configuring the necessary SAML fields between Azure and Vome. This guide is intended for system administrators managing SSO within their organizations.


Overview

Integrating Microsoft Entra ID with Vome allows your organization to manage user authentication centrally. This setup streamlines access for administrators and users, enhances security, and simplifies management by consolidating authentication via SSO.

NotesNote: If your organization also uses Exchange365, please note that this guide focuses on Microsoft Entra ID integration. Additional configuration steps may be needed for Exchange365—contact support if further assistance is required.


Prerequisites

Before you begin, ensure you have:

  • An active Microsoft Azure account with permissions to manage Azure Active Directory and Enterprise Applications.
  • Access as the account holder of the Vome Admin platform.
  • Your Vome subscription has access to the Ultimate plan.
  • Basic familiarity with SAML protocols.
  • The necessary Vome SSO details (such as URLs, Tenant ID, and certificate links) ready for configuration.

Step 1: Add Vome as a Microsoft Entra ID Application

  1. Log in to the Azure Portal:

  2. Navigate to Azure Active Directory:

    • Go to Azure Active DirectoryEnterprise Applications.
  3. Create a New Application:

    • Click + New ApplicationCreate Your Own Application.
    • Enter a name for the application (e.g., Vome SSO).
    • Select the option “Integrate any other application you don’t find in the gallery.”
    • Click Create.

Step 2: Configure Single Sign-On (SSO) in Azure

  1. Access the Application Settings:

    • Open your newly created Enterprise Application.
  2. Select Single Sign-On:

    • In the left-hand menu, click Single Sign-On.
    • Choose SAML as your SSO method.
  3. Edit Basic SAML Configuration:

    • In the Basic SAML Configuration section, click Edit at the top-right.

    • You will need to add the following details:

      • Identifier (Entity ID)

      • Reply URL (Assertion Consumer Service URL)

  4. Save the Configuration:

    • After entering the Identifier and Reply URL, save your changes.

Step 3: Exchange Key Fields Between Microsoft Entra ID and Vome

  1. Copy the Login URL:

    • From the Microsoft Entra ID portal, locate and copy the Login URL.
    • Paste this URL into the corresponding field in your Vome Admin settings.
  2. Download and Upload the Certificate:

    • Download the SAML Signing Certificate in Base64 format from the SAML Signing Certificate section in Azure.
    • Upload this certificate into Vome where prompted.
  3. Enter Additional Details in Vome:

    • Tenant ID:
    • Client ID: 
      • This value, once stored in Vome, will be hidden for security reasons
    • Client Secret:
      • This value, once stored in Vome, will be hidden for security reasons

Step 4: Upload Vome SAML Metadata and Certificate

  1. Upload SAML Metadata:

    • Use the following link to upload the metadata file:
      • SAML Metadata
  2. Upload SAML Certificate:

    • Upload the certificate file using this link:
      • SAML Certificate

Finalizing the Integration

  1. Review All Settings:

    • Verify that the Identifier, Reply URL, Login URL, Tenant ID, and certificate details match exactly on both the Azure and Vome platforms.
  2. Test the Integration:

    • Conduct a test SSO login to ensure that users can authenticate seamlessly through Microsoft Entra ID.
  3. Troubleshoot if Necessary:

    • Login Issues: Confirm that the SAML URLs are correct.
    • Certificate Errors: Ensure that the certificate is in the proper Base64 format and uploaded without modifications.
    • Hidden Credentials: Remember, the Client ID and Client Secret cannot be retrieved once stored. Contact support for updates if needed.

Additional Notes on Exchange365

The provided instructions are solely for setting up SSO with Microsoft Entra ID. If your environment requires Exchange365 integration or if you encounter related issues, please contact our support team for further guidance.

    • Related Articles

    • Master the Vome fundamentals: The relationship between Categories, Opportunities & Shifts

      PLEASE READ THIS ARTICLE BEFORE SETTING UP YOUR PORTAL. Before you begin the setup process, you should become familiar with the platform's lingo and hierarchical breakdown to map out how to best structure your portal when you go through the process ...
    • What are the best practices for creating admin roles for multi-location segmentation?

      Best Practices for Creating Admin Roles for Multi-Location Segmentation Overview In Vome, multi-location segmentation can refer to different departments, geographic areas, operations, or programs. Account Holders may need to create admin roles to ...
    • Why can't an admin see a profile in the database?

      Why Can't an Admin User See a Profile in the Database? If you're an admin user and cannot see a specific profile in the database, there could be several reasons why. Below are the most common explanations and best practices for ensuring proper ...
    • Why Choose the Ultimate Plan on Vome?

      The Ultimate Plan on Vome Volunteer is designed for organizations that require advanced automation, seamless integrations, and top-tier security. It includes all the features from the Pro, Enterprise, and Recruit plans while offering exclusive ...
    • How do I sign up for support?

      Here are the steps to sign up for support as an administrator  Note: Only admins are recommended to sign up for support (not volunteers) since there are FAQ that are only available to registered administrators.  Each administrator from your ...