※We recommend that SSO be set up be performed by someone from the security or IT teams within your organization.
We recommend that you complete the SSO set up on Unipos before registering members on Unipos. Because before and after setting up SSO, the login method and the information in the invitation email will change.
Please see the page below before setting up SSO.
This section explains how to set up SSO in Microsoft Entra ID (P1,P2).
There are 12 steps in setting up SSO on Microsoft Entra ID.
※To set up SSO,The Microsoft Entra ID edition needs to be 「Microsoft Entra ID P1」 or 「Microsoft Entra ID P2」.
1. Access Microsoft Entra ID
Access https://portal.azure.com and click "Microsoft Entra ID" in the Azure Services in Home or in the Portal menu on the left side of the screen.
If not displayed "Microsoft Entra ID" in the menu, enter "Microsoft Entra ID" in the search field at the top of the screen.
2. Click "Enterprise Applications"
3. Click "New application"
4. Create your own application
Click "+Create Your Own Application" and enter the following two information.
- App Name ※The display name does not necessarily have to be "unipos".
- Check "Integrate any other application you don't find in the gallery (Non-gallery)"
Then, click “Create”.
5. Click "Single sign-on" or "2. Set up single sign on"
6. Click "SAML"
7. Enter the SSO information of Unipos to ”①Basic SAML Configuration”
Click on the edit icon for “①Basic SAML Configuration.”
Please refer to the chart below and enter the SSO information of Unipos.
For the SSO information of Unipos, please comfirm from Team Admin > Security > SSO Settings.
Then, click “Save.”
Microsoft Entra ID |
Unipos |
Identifier (Entity ID) |
Entity ID |
Reply URL (Assertion Consumer Service URL) |
URL for ACS |
Sign on URL (Optional) |
URL for Login |
8. Set up “②Attributes & Claims”
Click on the edit icon for “②Attributes & Claims.”
Click “Unique User Identifier (Name ID).”
Choose "user.mail" from the "Source attribute" drop down menu and click "Save".
After clicking "Save," return to the "SAML-based Sign on" page.
9. Enter the information of Microsoft Entra ID to the Unipos SSO settings page.
Using a different tab, open the Team Admin > Security > SSO Settings page on Unipos and click "Set ID Provider".
“ID Provider" is displayed.
Please refer to the chart below and enter the information of Microsoft Entra ID into the Unipos “ID Provider”.
For information on setting up a Microsoft Entra ID, please refer to "(3) SAML Certificates" and "(4) Unipos Settings" on the "SAML-based Sign on" page.
Then, click “Save.”
Unipos |
Microsoft Entra ID |
Entity ID |
Microsoft Entra Identifier |
URL for Single Sign-On |
Login URL |
Certificate (Base64-encoded) |
Certificate (Base64) |
※Please follow the steps below to enter “Certificate (Base64-encoded)”.
- Click "Download" of the Certificate (Base64)
- Open downloaded files in text format
- Copy and paste the text into the "Certificate (Base64 encoded)" in Unipos
10. Operation test (needs to be done by admins)
Please log out of Unipos before running the Operation test.
Log into Office365 and Choose Unipos from the Office365 app menu.
If you can log in to Unipos, SSO is successfully set up.
If you fail to log in, please confirm the settings and try again.
If you wish to reset the settings from step 1, delete the application created in the above steps(1-9). To delete an application, follow these steps.
- Access Microsoft Entra ID from https://portal.azure.com
- Click “App registrations” > “All applications”
- Click on the the application you created in the above steps(1-9).
- Click the "Delete" button in the upper left corner of the screen
- Check ”I understand the implications of deleting this app registration”
- Click ”Delete”
11. Add members from the Unipos admin screen
Click “How to manage members on Unipos” to confirm how to add members.
12. Grant access to members in Microsoft Entra ID
Grant access after completing add members in Unipos(step 11) .
Access Microsoft Entra ID from https://portal.azure.com , and click “Enterprise applications”
Click on the the application you created in the above steps(1-9).
Click “Users and groups” > ”+Add user/group”.
Under "Users and groups," click "None Selected".
Check the users or groups you want to grant access to Unipos, then click “Select” > “Assign”.
This completes the process to set up SSO.