Try Auvik Free
Try Auvik Free

How can we help?

  1. Auvik Support
  2. Administration
  3. Settings

Configuring Auvik single sign-on with Azure AD

Avatar
Muhammad Fayaz
Follow

Auvik supports Azure Active Directory (Azure AD) for authentication, allowing users to log in with their existing credentials and enabling centralized access management.

Authentication methods are configured per site in Auvik. The authentication method assigned to a site determines how users assigned to that site log in.

Note: SAML Single Sign-On (SSO) is not available during Auvik trials.

Auvik uses SAML 2.0 for SSO. The setup process consists of five main steps:

  1. Create an application in Azure AD
  2. Configure SAML in both Azure AD and Auvik
  3. Test the configuration
  4. Grant users access in Azure AD
  5. Enable SSO and migrate users in Auvik

1. Create an Application in Azure AD

If you log in to Auvik using a Microsoft account, skip this step.

  1. Log in to the Azure portal
  2. Go to Azure Active Directory > Enterprise applications
  3. Click Create your own application
  4. Enter Auvik as the name
  5. Select Integrate any other application you don't find in the gallery
  6. Click Create
  7. Go to Properties:
    • Set Enabled for users to sign-in to Yes
    • Set User assignment required to Yes
  8. Click Save

2. Configure SAML in Azure AD and Auvik

Step A: Get SAML Details from Azure AD

  1. In Azure, go to Enterprise applications > Auvik
  2. Select Single sign-on
  3. Choose SAML

⚠️ Important:
At this point, your screen may not look like the example image yet. Azure AD may require you to enter basic SAML configuration values before the full configuration page (including certificates) becomes available.

  1. Under Basic SAML Configuration, click Edit and enter temporary values:

    • Identifier (Entity ID): my.auvik.com
    • Reply URL (ACS URL): https://my.auvik.com/

    These temporary values are only used to unlock the rest of the configuration. You will replace them later with actual values from Auvik.

  2. Save your changes
  3. Under SAML Signing Certificate:
    • Create a new certificate (do not use any auto-generated default)
    • Set:
      • Signing Option: Sign SAML Assertion
      • Algorithm: SHA-256
    • Make the new certificate active
    • Download the PEM certificate
  4. Copy the following values:
    • Login URL
    • Azure AD Identifier

Keep this page open—you’ll return to it later.

Step B: Configure SAML in Auvik

  1. In Auvik, go to the site dashboard
  2. Navigate to Settings > Authentication
  3. Upload the SAML Signing Certificate
  4. Enter:
    • IdP Issuer URI → Azure AD Identifier
    • IdP Single Sign-On URL → Login URL
  5. Click Save
  6. Copy the following values from Auvik:
    • Audience URI
    • ACS URL
    • RelayState

Step C: Complete Configuration in Azure AD

  1. Return to Azure AD
  2. Edit Basic SAML Configuration
  3. Replace the temporary values with:
    • Identifier (Entity ID) → Audience URI
    • Reply URL (ACS URL) → ACS URL
    • Relay State → RelayState
  4. Save
  5. Go to User Attributes & Claims:
    • Set Name identifier:
      • Format: EmailAddress
      • Source: user.mail
  6. Add the following claims:
NameSource Attribute
firstNameuser.givenname
lastNameuser.surname
emailuser.mail
  1. Save

3. Test the Configuration

  1. In Azure AD:
    • Go to Users and groups
    • Assign a test user to the Auvik application
  2. In Auvik:
    • Go to Settings > Authentication
    • Click Test SSO
    • Select the test user
  3. In an incognito window:
    • Log in using Azure AD credentials
    • Do not use “Log in with Microsoft”
  4. Confirm the result in Auvik

⏱️ You must complete the test within 30 minutes or it will reset.

4. Grant Users Access in Azure AD

  1. Go to Enterprise applications > Auvik
  2. Select Users and groups
  3. Click Add User
  4. Assign the appropriate users or groups

5. Enable SSO and Migrate Users

  1. In Auvik, go to Settings > Authentication
  2. Choose an authentication method:
    • Standard login (password, Google, Microsoft)
    • SSO for selected users
    • SSO for all users
  3. Save your changes

Migration Options

  • All users in the site
  • Users from a specific domain
  • Individual users

⚠️ Important Notes:

  • Users migrated to SSO must log in via Azure AD only
  • Auvik does not support just-in-time provisioning—users must exist in Auvik first
  • If enforcing SSO for all users, any unmigrated users will lose access

Key Improvement from Previous Version

  • Clarified that the SAML configuration screen may not initially match the screenshot
  • Explicitly explained the need for temporary values to unlock configuration
  • Reduced confusion by aligning instructions with actual Azure AD behavior
Was this article helpful?
12 out of 23 found this helpful
Have more questions? Submit a request

Auvik System Status

Check system status

Need help?

Submit your question or comment and we'll be in touch.

Send a message

Related articles