-
Zingtree supports SAML 2.0 based Single Sign-on (SSO). This lets you require anyone accessing a tree to log in via your Identity Provider and authenticate themselves first. This article will walk you through how to set it up using Microsoft Azure.
Setup
- In Azure, Click Azure Active Directory.
- On the next page click on enterprise applications.
- Click on New application.
- Make sure Integrate any other application you don't find in the gallery is selected before hitting create. For best practices, we recommend creating separate applications for agents and authors.
- Choose option 2, Set up single sign-on and click Get started.
- Click SAML > Basic SAML Configuration
- In Zingtree, go to Account > Single Sign-on
- You can use the Orange button to toggle back and forth between Agents and Authors. You'll need the Entity ID, ACS URL, and Logout URL (SLO).
- Click Next: Enter Identity Provider Data for Authors/Agents button. In Azure, select Enter Identity Provider and then input the Entity ID, Assertion Consumer Service (ACS), Logout Url (SLO) you got from Zingtree.
- Download the Certificate (Base64) in SAML Signing Certificate. Open the Certificate file with an editor or Notepad. Copy and paste the information into the Certificate field in Zingtree's Enter Identity Provider.
- Once all the information is submitted, run a test on both Azure AD and Zingtree to confirm it is working.
Enabling SSO for Agents/Authors
Once SSO is working properly from your test, you can restrict access to any tree as follows.
- From Account, Single Sign-on, make sure you are on the Agents/Authors page.
- Tick enable Agents/Authors.
IMPORTANT: You still need to specify individual trees to restrict access to. Here’s how:
- Go to My Trees, and select the tree that you want to require SSO login.
- Click Settings > Security, and you’ll see something like this:
- Check Require Login via Single Sign-on (SSO).
- Click Update Settings.
Dedicated Agent Login
Rather than having Agents go through the Zingtree login page, you can send them directly to your SSO login page. Here’s how:
- Go to Account, My Agents.
- Give your agents the link from this button:
- In Azure, Click Azure Active Directory.
-
Zingtree supports SAML 2.0 based Single Sign-on (SSO). This lets you require anyone accessing a tree to log in via your Identity Provider and authenticate themselves first. This article will walk you through how to set it up using Microsoft Azure.
Setup
- In Azure, Click Azure Active Directory.
- On the next page click on enterprise applications.
- Click on New application.
- Make sure Integrate any other application you don't find in the gallery is selected before hitting create. For best practices, we recommend creating separate applications for agents and authors.
- Choose option 2, Set up single sign-on and click Get started.
- Click SAML > Basic SAML Configuration
- In Zingtree, go to Account > Single Sign-on.
- You can use the Orange button to toggle back and forth between Agents and Authors. You'll need the Entity ID, ACS URL, and Logout URL (SLO).
- Click Next: Enter Identity Provider Data for Authors/Agents button. In Azure, select Enter Identity Provider and then input the Entity ID, Assertion Consumer Service (ACS), Logout Url (SLO) you got from Zingtree.
- Download the Certificate (Base64) in SAML Signing Certificate. Open the Certificate file with an editor or Notepad. Copy and paste the information into the Certificate field in Zingtree's Enter Identity Provider.
- Once all the information is submitted, run a test on both Azure AD and Zingtree to confirm it is working.
Enabling SSO for Agents/Authors
Once SSO is working properly from your test, you can restrict access to any tree as follows.
- From Account, Single Sign-on, make sure you are on the Agents/Authors page.
- Tick enable Agents/Authors.
IMPORTANT: You still need to specify individual trees to restrict access to. Here’s how:
- Go to My Trees, and select the tree that you want to require SSO login.
- Click Settings > Security, and you’ll see something like this:
- Check Require Login via Single Sign-on (SSO).
- Click Update Settings.
Dedicated Agent Login
Rather than having Agents go through the Zingtree login page, you can send them directly to your SSO login page. Here’s how:
- Go to Account, My Agents.
- Give your agents the link from this button:
- In Azure, Click Azure Active Directory.
-
Throughout 2022 Zingtree will be upgrading customers to our new faster and more modern user experience! Here's how to tell which experience your Zingtree Authors are currently using.
Log in to your Zingtree Author account and navigate to My Trees. How does your current My Trees page look?
Zingtree Classic
New User Experience
Microsoft Azure Single Sign-on Setup Guide
- Updated