Configuring SSO with Azure AD

Single sign on (SSO) with Azure AD will allow users in your organization to sign in to TeamRetro using their existing AD login - no need to create a separate TeamRetro account.

  • In your Azure Active Directory dashboard, select ENTERPRISE APPLICATIONS

  • Click New Application

  • Click Create your own application

  • When asked for the app name, type in "TeamRetro" as below:

  • Then click on Create at the bottom. (at the time of writing TeamRetro is not yet listed in the Azure Active Directory marketplace)

  • In the Getting Started section, click on Assign users and groups. Note: there is no need to "Create your test user in TeamRetro". Accounts in TeamRetro are automatically provisioned on first sign in.

  • Click on Add user/group

  • Click on  None Selected and select from the list of users (to test single sign-on) and click on Select

  • Back at the Getting Started page, Click Get started under Set up single sign on

  • When selected the Single sign-on method, select Mode SAML

  • Once redirected to the Set up Single Sign-On with SAML page, edit the details as follows:

    Enter the TeamRetro service provider details into Azure AD. You can find these under "TeamRetro service provider (SP) settings" on the Single Sign On settings page. 

    • SP Entity ID (TeamRetro) > Identifier (Azure AD)
    • Login ACS Url > Reply URL (Azure AD)

  • Click Save

  • Then, edit the user Attributes & Claims fields to match the following:

    For a full list of supported SAML attributes please see TeamRetro Supported SAML Attributes

  • Download the Federation Metadata XML file and save it locally, you will need it later.

  • Back in TeamRetro, click on UPLOAD METADATA and upload the XML file you had just downloaded

  • Toggle on ENABLED
  • Click TEST
  • In a new window, you will be redirected to your identity provider to sign in. If you are redirected back to TeamRetro your configuration has succeeded. If you encounter any errors or warnings; please contact and we'll help you out.

What's Next

  • You will now be able to access TeamRetro along with your other Azure AD applications... no sign in required!
  • When you invite your team to join you in TeamRetro, they will be presented the option of signing in with your organization's SSO

Still need help? Contact Us Contact Us