Skip to main content
This guide walks you through setting up Microsoft Azure AD (now called Microsoft Entra ID) as your identity provider for OptiDev SSO. Time required: 15-20 minutes

Overview

You’ll complete these steps:
  1. Get your OptiDev SSO settings
  2. Create an Enterprise Application in Azure
  3. Configure SAML settings
  4. Set up attribute mappings
  5. Download the Azure certificate
  6. Enter Azure details in OptiDev
  7. Assign users and test

Step 1: Get Your OptiDev SSO Settings

Before creating the Azure app, you need two values from OptiDev.
1

Open SSO Settings

In OptiDev, go to Workspace Settings → Security → Single Sign-On.
2

Copy Your Values

You’ll see two important values. Keep this page open — you’ll need these shortly.
SettingExample
SP Entity IDhttps://auth.optiprime.com/saml/abc123
ACS URLhttps://auth.optiprime.com/saml/abc123/acs

Step 2: Create an Enterprise Application

1

Open Azure Portal

Go to portal.azure.com and sign in with your admin account.
2

Go to Enterprise Applications

Search for Enterprise Applications in the top search bar, or navigate to Azure Active Directory → Enterprise Applications.
3

Create New Application

Click + New application.
4

Create Your Own

Click + Create your own application.
5

Name and Create

  • Enter OptiDev as the name
  • Select Integrate any other application you don’t find in the gallery (Non-gallery)
  • Click Create

Step 3: Set Up SAML

1

Open Single Sign-On

In your new OptiDev app, click Single sign-on in the left sidebar.
2

Select SAML

Click SAML as the sign-on method.
3

Edit Basic SAML Configuration

Click Edit on the Basic SAML Configuration card.
4

Enter OptiDev Settings

Fill in these fields:
FieldValue
Identifier (Entity ID)Paste your SP Entity ID from Step 1
Reply URL (ACS URL)Paste your ACS URL from Step 1
Sign on URLhttps://app.optidev.ai
Click Save.

Step 4: Configure Attribute Mappings

Azure sends user information to OptiDev through SAML attributes. You need to configure what gets sent.
1

Edit Attributes & Claims

Click Edit on the Attributes & Claims card.
2

Verify Required Claims

Make sure these claims exist (add them if missing):
Claim nameSource attribute
emailaddressuser.mail
givennameuser.givenname
surnameuser.surname
The default Azure claims usually work. Only edit if you have custom attribute requirements.
3

Check Unique User Identifier

The Unique User Identifier (Name ID) should be set to user.userprincipalname or user.mail.

Step 5: Download the Certificate

1

Find SAML Certificates

Scroll to the SAML Certificates section.
2

Download Certificate

Next to Certificate (Base64), click Download.Save the file — you’ll upload or paste its contents into OptiDev.
3

Copy Login URL and Identifier

In the Set up OptiDev section, copy:
Field in AzureWhat You’ll Call It
Login URLSSO URL
Azure AD IdentifierEntity ID

Step 6: Enter Azure Details in OptiDev

1

Return to OptiDev SSO Settings

Go back to Workspace Settings → Security → Single Sign-On.
2

Enter IdP Configuration

Fill in the fields:
FieldValue
Display NameMicrosoft or Azure AD (shown on login button)
Entity IDPaste the Azure AD Identifier
SSO URLPaste the Login URL
CertificateOpen the downloaded certificate file in a text editor and paste the entire contents
3

Add Your Email Domain

Enter your company’s email domain (e.g., yourcompany.com).All users with this email domain will be directed to Azure for login.
4

Save Configuration

Click Save to enable SSO.

Step 7: Assign Users in Azure

Before users can log in, you need to give them access to the app in Azure.
1

Go to Users and Groups

In your Azure OptiDev app, click Users and groups in the sidebar.
2

Add Users

Click + Add user/group.
3

Select Users or Groups

  • Click Users to select individual people
  • Or click Groups to assign entire teams
Click Select, then Assign.
Create a security group called “OptiDev Users” in Azure AD. Add this group to the app, then manage access by adding/removing people from the group.

Step 8: Test Your Setup

1

Open an Incognito Window

Use a private/incognito browser window to avoid cached sessions.
2

Go to OptiDev

Visit https://app.optidev.ai and click Sign in with SSO.
3

Enter Your Email

Enter your company email address. You should be redirected to Microsoft login.
4

Log In

Sign in with your Microsoft credentials. You should land in OptiDev.
If you see your OptiDev dashboard, SSO is working. Your team can now log in with their Microsoft accounts.

Troubleshooting

The user trying to log in hasn’t been assigned to the OptiDev app in Azure.
  • Go to Users and groups in your Azure app
  • Add the user or add them to an assigned group
The Entity ID in OptiDev doesn’t match Azure.
  • In Azure, go to Single sign-on → Basic SAML Configuration
  • Verify the Identifier (Entity ID) matches exactly what OptiDev shows
  • Check that the certificate was copied completely (including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----)
  • Verify the Reply URL (ACS URL) matches exactly
  • Make sure there are no extra spaces in the URLs
  • The user account was created, but they need to be added to a workspace
  • Go to Workspace Settings → Members in OptiDev and invite them
If your organization uses multiple email domains (e.g., company.com and company.co.uk):
  • Add each domain in OptiDev SSO settings
  • All domains will use the same Azure AD configuration

Optional: Automatic User Provisioning

Want users to appear in OptiDev before they log in? Azure supports SCIM provisioning.
Contact OptiDev support to enable SCIM provisioning for your workspace.

Next Steps

Managing Users

Learn how to add and remove user access.

Troubleshooting

Common issues and solutions.