Authentication > Integrate Okta
Integrate Azure AD
This guide covers the process of setting up SAML-based Single Sign-On (SSO) between Microsoft Azure Active Directory and Tallyfy. This integration allows automated user authentication and provisioning.
- Azure subscription with Azure Active Directory access
- Administrator privileges in Azure AD
- Tallyfy Professional or Enterprise plan
- SAML configuration values from Tallyfy Support
The integration includes three main phases:
- Creating and setting up an Azure AD enterprise application
- Setting up SAML settings in both systems
- Turning on and testing the SSO integration
-
Sign in to the Azure Portal ↗ with administrator credentials
-
Go to Azure Active Directory service
-
Pick Enterprise Applications under the Manage section
-
Click +New application
-
Pick Create your own application
-
Type “Tallyfy” as the application name
-
Pick Integrate any other application you don’t find in the gallery (Non-gallery)
-
Click Create
You can assign users to the application now or after finishing the setup:

-
In the application’s sidebar under Manage, pick Single sign-on
-
Pick SAML as the sign-on method
-
Click Edit in the Basic SAML Configuration section.
-
Get Tallyfy’s SAML values: Go to your organization’s profile in Tallyfy.
-
Go to the Org Settings tab.
-
Click Add Configuration Details.
-
Scroll down to see the default SAML values.
-
Put the Tallyfy SP ACS URL into Azure AD’s Reply URL (Assertion Consumer Service URL) field.
-
Put the Tallyfy SP Entity ID into Azure AD’s Identifier (Entity ID) field.
-
Click Save.
This step is crucial for proper user identification and provisioning. Set up each attribute as follows:
-
Set up the Name Identifier (User ID): Click the Unique User Identifier (Name ID) row.
-
Pick Persistent for Name identifier format.
-
Pick user.mail for Source attribute.
-
Click Save.
-
Set up the First Name Attribute: Click the attribute row (e.g., user.givenname).
-
Change Name to:
FirstName
(exact capitalization needed). -
Clear any value in the Namespace field.
-
Set Source attribute to:
user.givenname
. -
Click Save.
-
Set up the Email attribute using the same process: Set Name to
Email
, make sure Namespace is empty, and set Source attribute properly (e.g.,user.mail
). Click Save. -
Set up the Last Name attribute using the same process: Set Name to
LastName
, make sure Namespace is empty, and set Source attribute properly (e.g.,user.surname
). Click Save.
The final attribute setup should look like this:

From the Azure AD application setup:
-
Go to the Set up section.
-
Get the Login URL.
-
Get the Azure AD Identifier.
-
Download the Certificate (Base64) from the SAML Signing Certificate section.
-
Give the collected Azure AD SAML information to Tallyfy Support
-
Tallyfy Support will put this information in your organization’s SAML setup
After Tallyfy Support sets up your SAML settings:
-
Switch the SAML activation toggle to turn on SSO for your organization
Once the integration finishes:
-
Get the Tallyfy login URL from the SAML setup modal (provided by Tallyfy Support)
-
Share this URL with your users who have access to the Azure AD application
Users can now access Tallyfy through this URL:
- Existing Tallyfy users will get automatically authenticated
- New users will get set up in Tallyfy when they first log in
If users run into authentication problems:
- Check that the user has been assigned to the Azure AD application.
- Make sure attribute mappings are set up correctly (exact names and capitalization).
- Check that the SAML certificate hasn’t expired.
- Make sure users are accessing Tallyfy through the SSO URL.
- Contact Tallyfy Support for help with ongoing issues.
Authentication > Integrate OneLogin
Integrations > Authentication and SSO
Authentication > Integrate Google Suite
- 2025 Tallyfy, Inc.
- Privacy Policy
- Terms of Use
- Report Issue
- Trademarks