πŸ“˜Azure Integration

Prerequisites

In order to configure Azure SSO integration with Ludi you will need:

  • Admin access to your Ludi account.

  • Admin access to your Azure portal (with permission to add Enterprise Applications).

  • One or more authorized domains adding to your Ludi account (see end of article).

  • A note of your organizations Ludi Account ID.

How to find your Ludi Account ID

Before you begin, you will need your organization's 12 character Ludi Account ID. You can find this in the under the management menu within Ludi: https://ludi.co/manage

Ludi Account ID

Integration Setup

From within the Azure portal, search for and select Enterprise Applications from the resources palette, click New Application and then Create your own application. Set the name as Ludi and select Integrate any other application you don't find in the gallery if not already selected.

Click Create.

Select Single sign-on from the left menu (or getting started quick link) and select SAML as the sign-in method.

Under Basic SAML configuration, enter your Ludi Account ID number as the Identifier (Entity ID) and set the Reply URL to https://ludi.co/login/saml. Leave all other fields in this section blank.

SAML Settings

Leave the default User Attributes & Claims settings, as per the screenshot above. If the defaults are different or you have changed them, please set them as above.

Next, download the Base64 encoded Certificate file from Section 3. Make a note of the Login URL and Azure AD Identifier from Section 4. We will need all these values to configure the Ludi side of the integration.

The data we need from Azure

Go to your Ludi account administration screen and navigate to Single Sign-On. Map the values from Azure to Ludi like so:

  • Entry Point = Login URL

  • Issuer = Azure AD Identifier

  • Certificate = Text content of the Base64 certificate file

Example configuration within Ludi

Once added, click Save Configuration. We recommend leaving the "Restrict login" setting off until you are sure all your team members are able to login via SSO otherwise it may block their access.

If you have not already had your authorized domains configured by a Ludi team member, please contact us on Intercom or at [email protected] to set these up. The domains should include all domains that your team will login from.

Authorized domains allow us to redirect users from Ludi to your SSO Identity Provider if they login directly via our login interface rather than going via your service portal. They are not required, but recommended.

PreviousSingle Sign-OnNextGoogle Integration

Last updated