SAML-based single sign-on (SSO) with Azure for Persona Dashboard

Overview

You can enable SAML-based Single Sign-On (including Just-In-Time (JIT) provisioning with SAML) for the Persona Dashboard via Azure by following this guide.

By default, users can choose to log in through SAML or via email and password. SAML enforcement can be configured under Organization > Security by a user with Admin permissions.

⚠️ Once SAML is enforced, users in your organization will no longer be able to authenticate via email and password.

Availability

SSO is available on Growth and Enterprise plans. See our Pricing page for details.

Retrieve your Organization Slug

Log in to your Persona dashboard as a user with Admin permissions.

  1. Navigate to Organization > Security.
  2. Under Single Sign-On, click Set up.
  3. Here, you'll find your Organization Slug.

Make note of your Organization Slug. You'll need it in the next steps.

Add Persona to Azure

  1. Log in to your Azure organization as a user with administrative privileges.
  2. Navigate to Enterprise applications through Azure Services > Identity > Enterprise Applications.
    1. Click New Application > Create your own application.
    2. Enter “Persona” as the name of the new Application. Leave the default setting and continue.
    3. If your application already exists, click on it.
  3. Go to Manage > Single sign-on to get started.
  4. Configure SAML and enter the following values:
    1. Identifier (Entity ID): https://withpersona.com/saml/<ORGANIZATION-SLUG>/metadata
    2. Reply URL: https://withpersona.com/saml/<ORGANIZATION-SLUG>/acs
    ⚠️ <ORGANIZATION-SLUG> is the Organization Slug you noted in the first section (Retrieve your Organization Slug).

Complete the Azure integration in Persona

  1. Log in to your Persona dashboard as a user with Admin permissions.
  2. Navigate to Organization > Security.
  3. Under Single Sign-On, click Set up.
  4. Enter the Metadata URL you obtained from the Azure SSO configuration.
  5. Click Get metadata.

If done successfully, you should see a notification confirming that your Azure integration has been set up.

Logging in to Persona through Azure

  1. To log in to Persona through Azure, first make sure that the user has been assigned to the Application in Azure.
  2. Users will see the application in their My Apps portal and the O365 app launcher. By clicking Persona, they should automatically log in to their Persona dashboard.

FAQs

Is it possible to send over the user's role in Persona as an attribute in the SAML assertion?

At the moment, all new users will be set to an Organization's default role configured from within the dashboard. We do not currently support sending a user's role as an attribute, but if this is a high priority for your team please reach out to your Persona contact or Persona support to let us know about your need.