SSO using Azure AD

Shipa supports Single Sign-On using Azure AD. It allows users from Azure Active Directory to log into Shipa securely and supports a single logout feature.


Shipa self-hosted feature

Single sign on using Azure AD is only a self hosted Shipa feature. We are working on making it available to Shipa Cloud. Stay tuned.

Create Azure Enterprise Application and get Azure AD Metadata URL

  • Visit Azure portal
  • Azure Active Directory and then click on Enterprise Applications
  • Select Create Your Own Application
  • Select Integrate any other application you don't find in the gallery (Non-gallery). Enter a name and select ‘Create’
  • You should now see an overview page for the application that you just created
  • Assign users to your application, don’t forget to add yourself
  • Go back to the overview page and select Single Sign On
  • Select SAML
  • Copy the App Federation Metadata URL You need this URL to define the Identity Provider in the Shipa Dashboard

Setup Azure AD SSO in Shipa

Login as Shipa administrator and Click on the top left to select Settings menu


Click on Single Sign-On and click on + and enter App Federation Metadata URL copied from Azure enterprise application created in the previous step.


Enable the provider you created by selecting the toggle in the provider row, then select the cloud icon to download the Service Provider Metadata. You will need to upload this to your Azure application.


Go back to your Azure application and upload the saml-metadata.xml file that you just created in Shipa. You should see a ‘Basic SAML Configuration’ window. Accept the defaults by selecting ‘Save.’


That’s it. Go back to the Shipa dashboard, log out the admin user. You should see a single sign-on button on the login page.