Skip to main content
How to configure Single Sign-On

Intended to help company admins configure single sign-on for Acuite.

Simon Fisher avatar
Written by Simon Fisher
Updated over 6 months ago

Acuite supports Single Sign-On (SSO) for any customers who are using Microsoft Entra ID (formerly Azure Active Directory). Additional identity providers will be added in the future - get in touch if you have specific requirements.

This article contains instructions for company admins to configure SSO, and to assist Acuite in completing that configuration. Once complete, users can be configured to log in to Acuite using SSO only, a password (Acuite authentication), or a combination of both.

Part 1 - Configuring Azure

These steps need to be performed within the Azure portal:

  1. Search for or navigate to the 'Enterprise Applications' blade

  2. Click the button 'Create your own application'

  3. Enter an appropriate name for the application (e.g. 'Acuite SSO') and choose the 'non-gallery' option​

  4. Once the application has been created, choose 'Single sign-on' from the left menu, and choose the 'SAML' option

  5. Click 'Edit' next to the first panel for 'Basic SAML Configuration'

  6. Make these changes:

    1. Set the Identifier (Entity ID) to https://app.acuite.io

    2. Set the Reply URL (Assertion Consumer Service URL) to https://app.acuite.io/login/sso/callback

    3. Set the Logout Url (Optional) to https://app.acuite.io/logout/sso

  7. Save the settings, then close the panel to return to the main configuration page

  8. Download the 'Federation Metadata XML' file

  9. You can then assign users to this application, which will eventually allow them to log in to Acuite via SSO. However, note that these users still need to be invited to Acuite - we do not yet support auto-provisioning of user accounts.

Part 2 - Configuring Acuite

At present, this step needs to be performed by Acuite - we do not currently support self-service (this will come in a future update).

Please send the Federation Metadata XML file to your Acuite account manager - we will use this file to complete our side of the configuration.

Part 3 - Inviting Users

Once the first two parts have been completed, you may see some changes in the Acuite 'Companies' pages. We will display icons against users to indicate whether they can log in to Acuite via SSO, passwords, or both. You will also see new options when editing an individual user:

If you are inviting a new user to Acuite, and they are using SSO only, you can choose whether you want Acuite to send them an invitation email or not.

If you choose not to send them an email, it will be up to you to communicate to that user that they are now able to log in to Acuite via SSO.

If you opt to allow them to log in via Acuite authentication, the email invitation is required and can not be disabled.

When users log in to Acuite, they will have a slightly different experience depending on which authentication schemes they are allowed to use:

Acuite authentication only:

SSO only:

Both:

Did this answer your question?