Setting up Azure with Kazoo!

To begin, the SSO point of contact for the company will need to follow all instructions here:

Microsoft Azure Active Directory SaaS YEI tutorial

If setting up in the sandbox environment, follow the steps as listed. If setting up in the production environment, when at the “Create an Azure AD test user” step, the tutorial suggests a test user but it is best to test with an actual user who already has a log in within Azure and the YEI platform. If there are any issues with this process, please speak to your Customer Success point of contact.

After all of those steps have been followed, we need the Federation Metadata URL. Once the tutorial has been completed and your AM or CS rep has the metadata information, we can set up the YEI side to properly work with Azure SSO. As soon as that setup is complete, a login attempt can be made to test.

Important notes:

  • Ensure, under KazooHR app properties, that “Enabled for user to sign-in?” is set to yes
  • Within the Single Sign-On settings page, make sure that the Identifier (entity id) does NOT include “https://” prior to the url listed. In the example below, the subdomain is Test:
  • Add the Assertion Consumer Service URL:
  • If mobile app will be used, Active Directory instance will require configuration changes that allow out of network access.