Overview
You’ll complete these steps:- Get your OptiDev SSO settings
- Create an Enterprise Application in Azure
- Configure SAML settings
- Set up attribute mappings
- Download the Azure certificate
- Enter Azure details in OptiDev
- Assign users and test
Step 1: Get Your OptiDev SSO Settings
Before creating the Azure app, you need two values from OptiDev.1
Open SSO Settings
In OptiDev, go to Workspace Settings → Security → Single Sign-On.
2
Copy Your Values
You’ll see two important values. Keep this page open — you’ll need these shortly.
| Setting | Example |
|---|---|
| SP Entity ID | https://auth.optiprime.com/saml/abc123 |
| ACS URL | https://auth.optiprime.com/saml/abc123/acs |
Step 2: Create an Enterprise Application
1
Open Azure Portal
Go to portal.azure.com and sign in with your admin account.
2
Go to Enterprise Applications
Search for Enterprise Applications in the top search bar, or navigate to Azure Active Directory → Enterprise Applications.
3
Create New Application
Click + New application.
4
Create Your Own
Click + Create your own application.
5
Name and Create
- Enter OptiDev as the name
- Select Integrate any other application you don’t find in the gallery (Non-gallery)
- Click Create
Step 3: Set Up SAML
1
Open Single Sign-On
In your new OptiDev app, click Single sign-on in the left sidebar.
2
Select SAML
Click SAML as the sign-on method.
3
Edit Basic SAML Configuration
Click Edit on the Basic SAML Configuration card.
4
Enter OptiDev Settings
Fill in these fields:
Click Save.
| Field | Value |
|---|---|
| Identifier (Entity ID) | Paste your SP Entity ID from Step 1 |
| Reply URL (ACS URL) | Paste your ACS URL from Step 1 |
| Sign on URL | https://app.optidev.ai |
Step 4: Configure Attribute Mappings
Azure sends user information to OptiDev through SAML attributes. You need to configure what gets sent.1
Edit Attributes & Claims
Click Edit on the Attributes & Claims card.
2
Verify Required Claims
Make sure these claims exist (add them if missing):
| Claim name | Source attribute |
|---|---|
emailaddress | user.mail |
givenname | user.givenname |
surname | user.surname |
The default Azure claims usually work. Only edit if you have custom attribute requirements.
3
Check Unique User Identifier
The Unique User Identifier (Name ID) should be set to
user.userprincipalname or user.mail.Step 5: Download the Certificate
1
Find SAML Certificates
Scroll to the SAML Certificates section.
2
Download Certificate
Next to Certificate (Base64), click Download.Save the file — you’ll upload or paste its contents into OptiDev.
3
Copy Login URL and Identifier
In the Set up OptiDev section, copy:
| Field in Azure | What You’ll Call It |
|---|---|
| Login URL | SSO URL |
| Azure AD Identifier | Entity ID |
Step 6: Enter Azure Details in OptiDev
1
Return to OptiDev SSO Settings
Go back to Workspace Settings → Security → Single Sign-On.
2
Enter IdP Configuration
Fill in the fields:
| Field | Value |
|---|---|
| Display Name | Microsoft or Azure AD (shown on login button) |
| Entity ID | Paste the Azure AD Identifier |
| SSO URL | Paste the Login URL |
| Certificate | Open the downloaded certificate file in a text editor and paste the entire contents |
3
Add Your Email Domain
Enter your company’s email domain (e.g.,
yourcompany.com).All users with this email domain will be directed to Azure for login.4
Save Configuration
Click Save to enable SSO.
Step 7: Assign Users in Azure
Before users can log in, you need to give them access to the app in Azure.1
Go to Users and Groups
In your Azure OptiDev app, click Users and groups in the sidebar.
2
Add Users
Click + Add user/group.
3
Select Users or Groups
- Click Users to select individual people
- Or click Groups to assign entire teams
Step 8: Test Your Setup
1
Open an Incognito Window
Use a private/incognito browser window to avoid cached sessions.
2
Go to OptiDev
Visit
https://app.optidev.ai and click Sign in with SSO.3
Enter Your Email
Enter your company email address. You should be redirected to Microsoft login.
4
Log In
Sign in with your Microsoft credentials. You should land in OptiDev.
If you see your OptiDev dashboard, SSO is working. Your team can now log in with their Microsoft accounts.
Troubleshooting
Error: 'AADSTS50105 - User not assigned'
Error: 'AADSTS50105 - User not assigned'
The user trying to log in hasn’t been assigned to the OptiDev app in Azure.
- Go to Users and groups in your Azure app
- Add the user or add them to an assigned group
Error: 'AADSTS700016 - Application not found'
Error: 'AADSTS700016 - Application not found'
The Entity ID in OptiDev doesn’t match Azure.
- In Azure, go to Single sign-on → Basic SAML Configuration
- Verify the Identifier (Entity ID) matches exactly what OptiDev shows
Error: 'Invalid SAML response'
Error: 'Invalid SAML response'
- Check that the certificate was copied completely (including
-----BEGIN CERTIFICATE-----and-----END CERTIFICATE-----) - Verify the Reply URL (ACS URL) matches exactly
- Make sure there are no extra spaces in the URLs
Login works but user has no access
Login works but user has no access
- The user account was created, but they need to be added to a workspace
- Go to Workspace Settings → Members in OptiDev and invite them
Users from multiple domains
Users from multiple domains
If your organization uses multiple email domains (e.g.,
company.com and company.co.uk):- Add each domain in OptiDev SSO settings
- All domains will use the same Azure AD configuration
Optional: Automatic User Provisioning
Want users to appear in OptiDev before they log in? Azure supports SCIM provisioning.Contact OptiDev support to enable SCIM provisioning for your workspace.