Skip to content
  • There are no suggestions because the search field is empty.

Single Sign-On (SSO): How to configure your Microsoft Entra account

A step-by-step guide to setting up with Microsoft Entra account in preparation for Gladstone SSO.

 

August 2025 – With the introduction of Consumer SSO, we have re-written our SSO documentation to make it straight forward to activate both Operator and Consumer SSO. As a result, any customer who had previously configured Operator SSO should re-read the following documentation to ensure all steps have been covered.

Introduction

This article will provide you with a step-by-step guide on all configuration requirements when activating the Gladstone SSO features. All Operator and some Consumer access control will consequently be controlled through your Microsoft Entra tenant and no longer by the Gladstone core solution. Please be aware, these steps should be done prior to configuring your Gladstone products.

Step 1: Configuration of your Microsoft Entra Tenant

  1. Log into your Microsoft Entra Admin Center 

  2. On the left hand menu, select Identity > Applications > Enterprise Applications

    Enterprise Applications
  3. This should navigate you to Enterprise applications | All applications. Select the option "New application" underneath the title.

    New application
  4. Select "Create you own application"

    create application
  5. Enter a name for the application, for example GladstoneGo. This is just a label to identify it within the Entra admin center, so the naming won't affect the integration. Select the "Integrate any other application" option and select Create.

    Naming your Entra application
  6. This will populate your new application and provide an Overview page. Select "Users and Groups" from the left hand menu (it may also be available in the Getting Started menu). This will take you to a page where Users and Groups on your Entra tenancy can be assigned access to the SSO integration.

    Note: As this SSO feature covers access for both Operator and Gladstone360, permissions for the applications themselves are configured within the Gladstone Management Console as previous.

    Assign users and groups
     
  7. Whether you are using Staff SSO, Consumer SSO, or both, access to the specific Gladstone applications will be controlled through Groups. At a minimum you will require two groups. Firstly, a Gladstone Go Staff group for you back-office users, that is, anyone you want to access Operator and Gladstone360. Secondly, a Gladstone Go Consumer group for your members/consumers accessing Gladstone Go Consumer.

  8. Once users and groups have been assigned, select the "Single Sign-on" option from the left hand menu (or "Set up single sign" on in the Getting Started menu)

    select sso

  9. Select "SAML" as the single sign-on method

    Select SAML option

  10. Select "Edit" on the Basic SAML Configuration section

    Select edit SAML

  11. Within the Entity ID section, provide the following configuration details:
    1. Identifier = gladstonesoftware.cloud
    2. Reply URL = https://samlauthentication.gladstonesoftware.cloud/api/samlauthentication/log-in-callback

      Enter Entity credentials
  12. Select "Edit" on the Attributes & Claims section:

    76d54a83-3001-4a0c-b4e9-d9e9c74cab15

  13. Select "Add a group claim":

    How to setup a group claim in Entra

  14. Select "Groups assigned to the application", with "Group ID" as the Source Attribute and save.

    b6a7321f-13bb-4ad9-a9ce-efe759298c43