Authentication > Integrate Okta
Integrate Azure AD
This guide explains the process of configuring SAML-based Single Sign-On (SSO) between Microsoft Azure Active Directory and Tallyfy. This integration enables automated user authentication and provisioning.
- Azure subscription with Azure Active Directory access
- Administrator privileges in Azure AD
- Tallyfy Professional or Enterprise plan
- SAML configuration values from Tallyfy Support
The integration involves three main phases:
- Creating and configuring an Azure AD enterprise application
- Configuring SAML settings in both systems
- Enabling and testing the SSO integration
-
Sign in to the Azure Portal ↗ with administrator credentials
-
Navigate to Azure Active Directory service
-
Select Enterprise Applications under the Manage section
-
Click +New application
-
Select Create your own application
-
Enter “Tallyfy” as the application name
-
Select Integrate any other application you don’t find in the gallery (Non-gallery)
-
Click Create
You can assign users to the application now or after completing the configuration:

-
In the application’s sidebar under Manage, select Single sign-on
-
Choose SAML as the sign-on method
-
Click Edit in the Basic SAML Configuration section.
-
Obtain Tallyfy’s SAML values: Navigate to your organization’s profile in Tallyfy.
-
Go to the Org Settings tab.
-
Click Add Configuration Details.
-
Scroll down to view the default SAML values.
-
Enter the Tallyfy SP ACS URL into Azure AD’s Reply URL (Assertion Consumer Service URL) field.
-
Enter the Tallyfy SP Entity ID into Azure AD’s Identifier (Entity ID) field.
-
Click Save.
This step is critical for proper user identification and provisioning. Configure each attribute as follows:
-
Configure the Name Identifier (User ID): Click the Unique User Identifier (Name ID) row.
-
Select Persistent for Name identifier format.
-
Select user.mail for Source attribute.
-
Click Save.
-
Configure the First Name Attribute: Click the attribute row (e.g., user.givenname).
-
Change Name to:
FirstName
(exact capitalization required). -
Remove any value in the Namespace field.
-
Set Source attribute to:
user.givenname
. -
Click Save.
-
Configure the Email attribute using the same process: Set Name to
Email
, ensure Namespace is empty, and set Source attribute appropriately (e.g.,user.mail
). Click Save. -
Configure the Last Name attribute using the same process: Set Name to
LastName
, ensure Namespace is empty, and set Source attribute appropriately (e.g.,user.surname
). Click Save.
The final attribute configuration should look like this:

From the Azure AD application configuration:
-
Go to the Set up section.
-
Collect the Login URL.
-
Collect the Azure AD Identifier.
-
Download the Certificate (Base64) from the SAML Signing Certificate section.
-
Provide the collected Azure AD SAML information to Tallyfy Support
-
Tallyfy Support will enter this information in your organization’s SAML configuration
After Tallyfy Support configures your SAML settings:
-
Toggle the SAML activation switch to enable SSO for your organization
Once the integration is complete:
-
Obtain the Tallyfy login URL from the SAML configuration modal (provided by Tallyfy Support)
-
Share this URL with your users who have access to the Azure AD application
Users can now access Tallyfy through this URL:
- Existing Tallyfy users will be automatically authenticated
- New users will be provisioned in Tallyfy upon their first login
If users encounter authentication issues:
- Verify the user has been assigned to the Azure AD application.
- Check that attribute mappings are correctly configured (exact names and capitalization).
- Confirm the SAML certificate hasn’t expired.
- Ensure users are accessing Tallyfy through the SSO URL.
- Contact Tallyfy Support for assistance with persistent issues.
Authentication > Integrate OneLogin
Authentication > Integrate Google Suite
Integrations > Authentication and SSO
- 2025 Tallyfy, Inc.
- Privacy Policy
- Terms of Use
- Report Issue
- Trademarks