My Account Overview
  • Account Management
    Account Management Overview Roles and Permissions – What’s New Roles and Permissions User Management Team Management Account Settings Universal Links and Your iOS App Android App Links and Your Android App
  • Support
    Support Business Hours Create and Manage Support Tickets Sailthru Maintenance Windows Support Offerings
    • Custom Font ManagementVerified Sending Domain
  • Single Sign-On
    • Multifactor Authentication

    Link an Azure Active Directory Application to Marigold Engage by Sailthru

    This guide walks you through configuring an Azure Active Directory application to enable SAML-based Single Sign-On from Azure Active Directory for Marigold Engage by Sailthru. In this scenario, the Azure Active Directory application is the SAML Identity Provider.

    Create a new Azure application

    Please follow this guide to create a new non-gallery application on the Azure Active Directory portal.

    Configure your new Azure application

    1. Decide the name of the SAML connection that will be used by Marigold Engage by Sailthru. This should be in the format of “saml-<companyname>”, e.g. “saml-sailthru”. In the following steps, you’ll insert this name in place of SAML_CONNECTION_NAME.
    2. Follow this guide to configure the Azure application to enable SAML-based Single Sign-On.
    3. In the “Basic SAML Configuration” section, use the following settings:
      1. urn:auth0:sailthru:SAML_CONNECTION_NAME as the value for the Identifier (Entity ID) field
      2. https://login.sailthru.com/login/callback?connection=SAML_CONNECTION_NAME as the value for the Reply URL (Assertion Consumer Service URL) field
    4.  In the “User Attributes and Claims” section,
      specify “givenname”, “surname” and “name” as additional claims:

      You also need to specify the user’s email address as the only required Name ID claim. There are two options to do it. You can specify “user.mail” as the value for the claim:
      or
      you can use any available transformations to make the user’s email address dynamic:

      See more details about available transformations       here. The email value sent from Azure within the Name ID claim must match the email address associated with the user within the Marigold Engage by Sailthru platform.
    5. Go to the “SAML Signing Certificate” section and download the certificate in the base64 format:
      1. Go to the “Set up ” section and copy the value for “Login URL”.
    6. Go to the “Set up <applicationName>” section

      and copy the following values:
      1. Login URL
      2. Azure AD Identifier
      3. Logout URL
    7. Now it’s time to assign users to the Azure application: For that, please follow this guide.

    Pass configuration details to Marigold Engage by Sailthru

    Once you have completed all these steps, please contact Support with the following details
    • SAML connection name
    • Identity Provider Single Sign-On URL
    • X.509 Certificate 

    Contact us

    Top