Deskbee Integrations
  • Integrações
    • SSO (SAML 2.0)
      • Microsoft Entra ID
      • Google Workspace (G-Suite)
      • Okta Identity Platform
      • Microsoft AD FS
Powered by GitBook
On this page
  • Creating a Deskbee Application in the Azure Portal
  • Assigning Users and Groups to the Application
  • Configuring Authentication
  • Errors and Solutions
  1. Integrações
  2. SSO (SAML 2.0)

Microsoft Entra ID

This document provides a step-by-step guide for configuring the Single Sign-On authentication method for Microsoft Entra ID accounts.

PreviousSSO (SAML 2.0)NextGoogle Workspace (G-Suite)

Last updated 12 days ago

  1. Access the Azure Portal

  2. This documentation was written using Azure in English. If your Azure language settings differ, consider changing them to English to make it easier to follow the steps.

Creating a Deskbee Application in the Azure Portal

  • Click on Microsoft Entra ID.

  • Click on Enterprise Applications.

  • Click on Create Your Own Application.

  • Enter a name for the application and select Integrate any other application you don’t find in the gallery (Non-gallery).

Assigning Users and Groups to the Application

  • Assign the users or groups who will have access to the application (at least your account or another one for testing purposes).

  • After assigning users, click on the Single sign-on menu to start the configuration.

Configuring Authentication

Access the Deskbee Dashboard (https://admin.deskbee.app/companyname) using the provided credentials, as you will need to exchange URLs and certificates between the Identity Provider (Azure AD) and the Service Provider (Deskbee).

  • Access the Deskbee Dashboard (https://admin.deskbee.app/companyname)

  • In the Deskbee Dashboard, go to Integrations / Authentication.

Access to Integrations / Authentication is restricted to IT and Super User profiles. Check with the administrator if your account is part of one of these profiles.

  • Enable SAML SSO Authentication.

  • Click on the three dots, then click the Add New SSO Connection button.

  • Provide a name for your connection and text displayed in the Connection Button.

  • Copy the Deskbee configuration URLs

In the Deskbee Dashboard’s Basic SAML Configuration, copy the URLs from your dashboard. These URLs should be added to the Azure Portal.

The image below is for illustration purposes only. Check your specific Deskbee account’s URLs in the Deskbee Dashboard.

  • In the Azure Portal, go to Single sign-on > SAML.

  • The SAML configuration details will be displayed. In Basic SAML Configuration (1), click Edit.

  • Return to the Deskbee Dashboard, copy the available URLs in Basic SAML Configuration, and paste them into the corresponding fields in the Azure Portal’s Basic SAML Configuration.

Deskbee Dashboard URLs vs. Azure Portal URLs:

Deskbee Dashboard

Azure Portal

Identifier (Entity ID)

Identifier (Entity ID)

ACS Response URL (Consumer Service Declaration URL)

Reply URL (Assertion Consumer Service URL)

  • Click Save.

  • Configuring Attributes (Claims), In User Attributes & Claims (2), click Edit.

  • In the Unique User Identifier (Name ID) claim, click on Value.

  • Select "Persistent" under "Choose name identifier format".

  • Set Source attribute to user.mail and save the configuration and close it.

  1. Ensure the Additional claims include the following:

Claim name

Value

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

user.mail

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

user.displayname

Additional attributes/claims for Azure integration can be ignored.

  • Check Claims: This is the final configuration for attributes/claims required for Deskbee.

  • In the Azure Portal, download the certificate in Base64 format from SAML Signing Certificate (3).

  • Return to the Deskbee Dashboard. Click on the SAML Authentication Certificate (Base64) field, choose the downloaded certificate, and upload it.

  • Configuring Azure URLs in Deskbee

In the Azure Portal under Login URL and Azure AD Identifier (4), copy these URLs and add them to the Deskbee Dashboard in the corresponding fields:

Check below the fields of the Azure Portal URLs and which field corresponds to the Deskbee Panel.

Azure Portal Field

Deskbee Dashboard Field

Microsoft Entra Identifier

Identity ID

Login URL

Login URL

Logout URL

Logout URL

  • Save the configuration in the Deskbee Dashboard by clicking Save.

  • Access your Deskbee app at companyname.deskbee.app and click the login button you named.

  • Enjoy! 😁

Errors and Solutions

If this error, “Signature validation failed. SAML Response rejected,” occurs, follow these steps:

In the Deskbee Dashboard, re-upload the certificate.

In the Azure Portal, edit User Attributes & Claims and ensure the unique user identifier has the value:

user.mail [nameid-format:persistent].

Versioning

Version

Author

Data

v1.7

Andrew Prado

19/05/2025

v1.6

Andrew Prado

19/12/2024

v1.5

Cleber Rodrigues

03/08/2021

v1.4

Cleber Rodrigues

19/02/2021

v1.3

Cleber Rodrigues e Mário Verdi

03/02/2021

v1.2

Cleber Rodrigues

08/10/2020

v1.1

Cleber Rodrigues

15/09/2020

v1.0

Mário Verdi

13/09/2020

https://portal.azure.com/