If your company manages your users with Microsoft Azure Active Directory, you can leverage its Single Sign-On (SSO) capabilities. This give your end users the ability authenticate their identify for the Procore application using their Microsoft Azure Active Directory account. With this SSO integration, you can:
- Leverage SSO with a Microsoft Azure subscription.
- Simplify your entire organization's password management process.
- Avoid problematic user password management with this easy to use integration.
Add the Azure Active Directory SSO Certificate and Issuer URL to Procore
- Log into the Procore application.
Important: You must log into Procore with an account that has been granted 'Admin' level permissions to the Company level Admin tool.
- Navigate to the Company level Admin tool.
- Under 'Company Settings', do the following:
- Single Sign On Issuer URL. Paste the 'Remove Login URL' that you obtained from Azure Active Directory in this field. See Configure SSO in Azure Active Directory.
- Single Sign On x509 Certificate field. Paste the information from the certificate that you downloaded from Azure Active Directory. See Configure SSO in Azure Active Directory.
Important! When copying the certificate information from , do NOT copy the "------------BEGIN CERTIFICATE------------" and "------------END CERTIFICATE------------" markers. You only want to copy the text that resides between these markers.
- Single Sign On x509 Certificate. Always leave this field blank to avoid redirecting users to an unsupported login page. A target URL is NOT supported by the Azure Active Directory SSO solution.
- Scroll to the bottom of the page, and click Save Changes.
You should now log into Azure Active Directory or have an end user log in to verify the configuration settings were entered correctly.