This guide walks you through connecting Microsoft Entra ID (Azure AD) to Reachdesk via SAML 2.0.
Before you begin
Create a non-gallery application in your Entra ID portal (e.g., "Reachdesk SSO").
Ensure the email values in Entra ID match the email addresses on user profiles in Reachdesk. These are case-sensitive.
Step-by-Step
Configure SAML settings in Entra ID
In your Reachdesk non-gallery application, enter the following values under Basic SAML Configuration:
Identifier (Entity ID):
https://app.reachdesk.com/users/saml/metadataReply URL (Assertion Consumer Service URL):
https://app.reachdesk.com/users/saml/auth
Add the email user claim
Under User Attributes & Claims:
Add a new claim.
Set Name to
email.Set Source attribute to
user.userprincipalname.
Note: The email sent in this claim must exactly match the email address on the user’s Reachdesk profile.
Upload Metadata to Reachdesk
Once Entra ID generates your metadata XML file, you'll need to add it to the platform:
Navigate to Organization > Settings > Single Sign On.
Scroll to the SAML2 Settings section.
Click Upload File and select your XML metadata file.
Contact Reachdesk Support
Before you can toggle SSO on, Reachdesk Support must perform a backend update to ensure your Identity Provider (IdP) is recognized correctly.
Email support@reachdesk.com to confirm you have uploaded the metadata file. We will update the IdP entity context on your behalf and let you know once it's ready.
Enable SSO
Once Support confirms the backend is ready, you must manually enable the connection:
Return to Organization > Settings > Single Sign On.
Find the toggle for Enable SSO For Organization and switch it to Enabled.
Important: Enabling this toggle will immediately disable password-based login for all members of your organization. All users must then use the "Sign in with SSO" option.
Frequently Asked Questions
What does the error "AADSTS75011" mean?
This usually indicates a mismatch in the authentication method. If you see this, please reach out to Reachdesk Support so we can adjust the authentication context settings.
Where do I find my metadata file?
In the Entra ID portal, under your Reachdesk application’s SAML Certificates section, look for Federation Metadata XML and click Download.
Can I use SSO and passwords at the same time?
No. Once the SSO toggle is enabled, password login is disabled for the entire organization to ensure security.
Comments
0 comments
Please sign in to leave a comment.