Single Sign-On (SSO) is an authentication process that allows users to access multiple applications or services by logging in only once. This method reduces the need for users to memorize or keep track of multiple logins. With Vagaro, you can integrate with Microsoft Entra ID.
SAML is an XML-based, open standard for exchanging authentication and authorization data between the Service Provider and the Identity Provider. The Identity Provider (Entra ID) is responsible for authenticating users and providing assertions about their identity to the Service Provider (Vagaro). Your organization's employees can seamlessly log in to Vagaro using the credentials they are already familiar with.
Important
If you are interested in the SSO feature on Vagaro, please contact our Sales Team at (925) 718-0971 ext. 1 to enable this feature.
Prerequisites: This feature requires Microsoft Entra ID. To configure the Vagaro and Microsoft Entra ID integration, you must have at least the Owner or Application Administrator role enabled for your account in Azure.
To find the Reply URL in Vagaro:
To configure the integration:
-
Log in to the Azure Portal, then search for and select Enterprise Applications.
-
Select New Application.
-
Select Create your own application.
-
Fill out the following information, then select Create.
-
Under What's the name of your app, give your app a name.
-
Under What are you looking to do with your application, select the Integrate any other application you don't find in the gallery option.
-
-
In the left panel, select Single sign-on.
-
Select the SAML single sign-on method.
-
In the Basic SML Configuration box, select Edit, then enter the following details:
-
Identifier (Entity ID): Enter the name of your Vagaro Business or another ID that will be used later in Vagaro.
-
Reply URL: Enter the reply URL provided by Vagaro.
-
-
Select Save.
-
Scroll down to the SAML Certificates section, Download the Certificate (Base64).
-
Go to the Set up features section, then copy the Login URL.
To complete the integration setup:
-
Go back to your Vagaro account and return to the SSO Integration screen (
→ → ). -
Enter or attach the following details:
-
Identifier ID (Entity ID): The entity ID you created in the Azure Portal.
-
Domain: The domain of your organization (ex. vagaro.com).
-
App Federation Metadata URL: The Login URL you copied in the previous section.
-
App Certificate: Upload the Certificate (Base64) uploaded in the previous step.
-
Vagaro uses the System for Cross-domain Identity Management (SCIM) to provision users from Microsoft Entra into Vagaro. SCIM is a standard protocol for automating the exchange of user identity information between different systems. Users created or modified in the enterprise application will be synced over your Vagaro Flagship location. Removing the users from the Enterprise Application will deactivate them in Vagaro rather than deleting them.
To provision users:
-
Go to the Enterprise Application you created in Integrate Vagaro with Entra ID.
-
In the left panel, select Provisioning.
-
Open the Provisioning Mode list, then select Automatic.
-
Go back to your Vagaro account and return to the SSO Integration screen (
→ → ). -
Write down or copy the Provisioning Endpoint URL and the Secret Token.
-
Go back to the Provisioning screen, expand the Admin Credentials section, then complete the following steps:
-
Paste the Provisioning Endpoint URL in the Tenant URL box.
-
Paste the Secret Token in the Secret Token box.
-
Select Test Connect to verify if the endpoint has been successfully established.
If successful, you should see the following message.
-
-
Select Save.
Comments
0 comments
Please sign in to leave a comment.