How can we help?

Search

Set up Guide: Entra ID SAML

Emily B
Emily B
  • Updated

Step 1: Create Enterprise Application

Select "Enterprise applications" from your Entra ID dashboard.

Screenshot 2025-05-05 at 12.59.58 PM.png

Click "New application" and continue.

Screenshot 2025-05-05 at 1.00.49 PM.png

Select "Create your own application", then enter an App name that describes Ten Thousand Coffees. Under "What are you looking to do with your application?", select "Integrate any other application you don't find in the gallery (Non-gallery)", then select "Create".

Screenshot 2025-05-05 at 1.03.04 PM.png

Next, select "Single Sign-On" from the "Manage" section in the left sidebar navigation menu, and then "SAML".

Screenshot 2025-05-05 at 1.03.36 PM.png
 

Step 2: Basic SAML Configuration

Click the Edit icon in the top right of the first step.

Screenshot 2025-05-05 at 1.04.15 PM.png

Submit the Identifier and the Reply URL in the Basic SAML Configuration. You can get your Identifier and Reply URL in the guided setup link provided to you by Ten Thousand Coffees.

If you can't find your setup link, please email integrations@tenthousandcoffees.com.

Screenshot 2025-05-05 at 1.05.50 PM.png
 

Step 3: User Attributes & Claims

Click the Edit icon in the top right of the second step.

Screenshot 2025-05-05 at 1.07.56 PM.png

Fill in the following Attribute Statements by entering the claim name in the "Name" field and the value in the "Source attribute" field. Select "Next":

Claim name

Value

emailaddress

user.mail

givenname

user.givenname

name

user.userprincipalname

surname

user.surname
 
Screenshot 2025-05-05 at 1.08.38 PM.png
 

Step 4: Assign People & Groups

In order for your users and groups of users to be synced to Ten Thousand Coffees you will need to assign them to your Entra ID SAML Application. Select "Users and groups" from the "Manage" section of the navigation menu.

Screenshot 2025-05-05 at 1.09.21 PM.png

Select "Add user/group" from the top menu.

Screenshot 2025-05-05 at 1.09.47 PM.png

Select "None selected" under the "Users and Groups". In the menu, select the users and groups of users that you want to add to the SAML application, and click "Select".

Screenshot 2025-05-05 at 1.10.13 PM.png

Select "Assign" to add the selected users and groups of users to your SAML application.

Step 5: Upload IdP Metadata

Navigate down to Section 3 of the "Single Sign-On" page, to "SAML Signing Certificate". Copy the URL provided in "App Federation Metadata URL" (ignore the highlighted area in the below screenshot and copy the URL instead).

Screenshot 2025-05-05 at 1.14.56 PM.png

Share this Metadata URL via the WorkOS setup link or directly emailing it to integrations@tenthousandcoffees.com

Step 6: Test Single-Sign On

Once all the steps are done, Ten Thousand Coffees will ask you to try signing in to test the connection.

 

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.