Configure SAML SSO for Site24x7 MSP with Microsoft Entra ID

Configuring SAML SSO between Site24x7 MSP and Microsoft Entra ID

What is SAML authentication?

Security Assertion Markup Language (SAML) is a secure authentication method that allows users to log in to multiple applications using a single set of credentials.

With SAML, users sign in once through a trusted identity provider (IdP), such as Microsoft Entra Identifier (Microsoft Entra ID), and are automatically authenticated into connected applications like Site24x7 without re-entering credentials.

This approach is widely used for single sign-on (SSO) in organizations.

How it works

  1. You log in to your main identity provider (Microsoft Entra ID).
  2. Microsoft Entra ID verifies your identity.
  3. A secure SAML response is sent to Site24x7.
  4. You gain access to Site24x7 without logging in again.

Benefits

  1. Simplifies login with a single account
  2. Improves security by reducing password usage
  3. Saves time with seamless access to multiple applications

Prerequisites

Before you begin, ensure the following are available:
  1. A Microsoft Entra ID account with global administrator or application administrator privileges
  2. A Site24x7 MSP admin account
  3. Microsoft Entra ID enabled in your tenant

Overall setup flow

  1. Configure SAML in Microsoft Entra ID
  2. Configure SAML settings for customer accounts in Site24x7 MSP
  3. Test the SAML login

Step 1: Configure SAML in Microsoft Entra ID

  1. Create an Enterprise Application
    1. Log in to the Microsoft Entra ID portal.
    2. From the left pane, navigate to Manage > Enterprise Applications.
    3. In the Enterprise Applications page, click + New Application. You will be directed to the Browse Microsoft Entra App Gallery page.
    4. In the Browse Microsoft Entra App Gallery page, search for Zoho and choose Zoho – Zoho Corporation Pvt. Ltd.
    5. Click Create to add Zoho as an enterprise application.
[screenshot]
  1. Configure SAML settings with SSO
    1. In the Zoho Enterprise Application Overview page, click Set up single sign-on under Getting Started.
    2. Choose SAML for setting up the single sign-on.
    3. Under Set up Single Sign-On with SAML, configure the following:
      Basic SAML configuration
      [screenshot]
      • Edit the basic SAML configuration by clicking the Edit icon [icon].
      • Sign On URL: Navigate to the Site24x7 MSP Customer Accounts page and copy the SAML Request URL and paste it here.
      • Relay State: Copy the Default Relay State from the Site24x7 Customer Accounts page and paste it here.
      • Reply URL (Assertion Consumer Service URL): Copy the SAML Response URL from the Site24x7 Customer Accounts page and paste it here.
      • Click Save.
        A save confirmation pop-up will be displayed.

      Test SSO
      A Test single sign-on with Zoho pop-up will appear. Click Yes to test the added SSO configuration.

      Configure Attributes & Claims
      [screenshot]
      1. To edit the Attributes & Claims, click the Edit icon [icon].
      2. In Required Claims, modify the Source Attribute to user.mail.
      3. Click Save to save the claim.

      Download SAML certificate
      [screenshot]
      1. Under SAML Certificates, download the Certificate (Base64).
      2. Rename the downloaded file from zoho.cer to zoho.txt and upload it in the X.509 Certificate field.

      Getting the SAML details for Site24x7
      [screenshot]
      From the Microsoft Entra ID SAML Configuration page, copy the following values and paste them into the corresponding fields in Site24x7 SAML Authentication:
      1. Login URL: Copy this value and paste it into the Remote Login URL field in Site24x7.
      2. Logout URL: Copy this value and paste it into the Remote Logout URL field in Site24x7.
      3. Microsoft Entra ID: Copy this value and paste it into the Reset Password URL field in Site24x7.

Step 2: Enable SAML for customer accounts

  1. Log in to your Site24x7 MSP account.
  2. Navigate to Admin > Customer Management > Customers.
  3. In the Customer Accounts listing page, hover over the hamburger icon [icon] next to the customer account and click SAML Authentication.
  4. In the SAML Authentication for Access pop-up, provide the following details:
    1. Remote Login URL: Enter the Remote Login URL of your IdP (Entra ID) to which the Site24x7 MSP custom portal will be redirecting your end users.
    2. Remote Logout URL: Enter the Remote Logout URL of your IdP  (Entra ID) to which the Site24x7 MSP custom portal will be redirecting your end users when they attempt to log out of the Site24x7 MSP custom portal.
    3. Reset Password URL: Enter the Reset Password URL of your IdP (Entra ID) to which the Site24x7 MSP custom portal will be redirecting your end users when they try to change their password for the Site24x7 MSP custom portal.
    4. X.509 Certificate: Upload the X.509 Certificate in text format. The public key in the certificate will be used to verify that your IdP (Entra ID) has issued all received SAML authentication requests.
    5. Algorithm: Select an algorithm (RSA or DSA) used by your IdP to generate public keys and certificates.
    6. SAML Request URL: Copy the SAML Request URL from this field in the Site24x7 MSP custom portal and paste it in the respective field of your IdP (Entra ID).
    7. SAML Response URL: Copy the SAML Response URL from this field in the Site24x7 MSP portal and paste it in the respective field of your IdP (Entra ID).
    8. Default Relay State: Copy the Default Relay State value from this field in the Site24x7 MSP portal and paste it in the respective field of your IdP (Entra ID).
  5. Click Save.
    [screenshot]

Step 3: Test the SAML login

  1. Test the SAML authentication by hovering over the preferred customer account and clicking the Open custom portal in new tab icon.
  2. Verify that the portal redirects to the Microsoft Sign-In page.
  3. Log in using Microsoft credentials and confirm successful access to Site24x7.