Skip to content
Sign in
  • There are no suggestions because the search field is empty.

Set up SSO for your organization

Learn how to enable and configure single sign-on (SSO) for your organization.

Skip to:

Passare supports Single sign-on (SSO) using SAML 2.0, allowing you to use your organization's identity provider (IdP) for faster, more secure authentication.

 

Key terms & definitions

Here are some common terms you may encounter when setting up SSO. 

Identity Provider (IdP): The system that verifies who you are.
Ex: Microsoft Entra (Azure AD), Google Workspace, Okta.

Service Provider (SP): The app you want to access — in this case, Passare.

Service Provider Issuer: Unique identifier for Passare in the SSO exchange.

Service Provider Entity ID: Identifier Passare expects your IdP to recognize when sending back the SAML response.

Identity Provider Sign-in URL / SSO URL: IdP endpoint where Passare sends users to log in.

X.509 Certificate: Security certificate provided by your IdP that Passare uses for verification.

NameID / User Identifier: The unique way your IdP identifies users — usually their email address.

 

Required information

To get started, you'll need to collect the following information from your identify provider (IdP) to enter into Passare's SSO settings:

  • Service Provider Issuer 

  • Identity Provider Sign-in URL
    Ex: https://your-company.microsoft.com/app/.../sso/saml

  • Domains 

  • User Identifier Format 

  • Service Provider Entity ID 

  • Public X.509 Certificate 

 

Setup guides for common providers

Find your identity provider (IdP) below to see a brief setup guide.

If you don't see your provider listed below, visit their website or contact them directly for additional support.

Microsoft Entra (Azure AD)

  • Sign in to the Microsoft Entra (Azure AD) admin center and navigate to Enterprise Applications > New application > Create your own application.

  • Type Passare in the "What's the name of your app?" field, then select "Integrate any other application you don't find in the gallery (non-gallery)." Click Create.

  • From the left menu, go to Users and groups > Add user/group, then click None Selected. Add any users/groups that need SSO support and click Assign.

  • Next, go to Single sign-on in the left menu and select SAML. Click Edit under "Basic SAML Configuration." Add the identifier and reply URL, then Save.
    • Identifier: "passare.com"
    • Reply URL: “https://cap.passare.com/users/auth/saml/callback” 
  • Go to section 3, "SAML Certifications," and download the Certificate (Base64). This document contains most of the values you need for Passare's SSO setup.
  • Go to section 4 and copy the Login URL. This will go in the "Identity provider sign in URL" field on Passare's Authentication page.
  • Also in section 4, copy the Microsoft Entra Identifier. This will go in the "Service provider entity ID" field on Passare's Authentication page.
  • Go to Passare > Settings > Organization > Authentication and enter the Certificate document values into their respective fields.

  • See more details for Microsoft Azure AD setup here


Google Workspace

  • In the Google Admin console, go to Apps > Web and Mobile Apps > Add App > Add custom SMAL app.

  • Name your app (e.g. "Passare").

  • Google will provide the SSO URL, Entity ID, and X.509 Certificate. Copy these values into Passare's respective fields.

  • See more details for Google Workspace set up here


Okta

  • Log in to the Okta Admin Console and navigate to Applications > Create App Integration > and choose SAML 2.0.

  • Configure the Single Sign-on URL, Audience URI (Service Provider Entity ID), and obtain the X.509 Certificate in the Sign On tab.

  • Copy these values into the respective Passare fields.

  • See more details for Okta setup here


Other providers

If your IdP isn’t listed here, don’t worry — Passare supports any provider that uses the SAML protocol. Each provider will have its own instructions for finding the required values (Sign-in URL, Entity ID, Certificate, etc.).

We recommend reaching out to your IdP's support team or checking their documentation for the correct details. Once you have them, enter the values into Passare’s Authentication settings page.

 

Enable & configure SSO

After you've gathered the required information, go to your Passare settings.

Navigate to Organization > Authentication.

authentication settings

Enter the information from your IdP into the provided fields and click Save

configure and save

Toggle Single sign-on ON

enable SSO toggle

Test the SSO connection by logging out and attempting SSO login. 

SSO sign in

 

Troubleshooting tips

Mismatched Issuer/Entity IDs - Make sure they match what's in your IdP.

Expired Certificate - Update the X.509 certificate if authentication suddenly fails.

Case Sensitivity - Email addresses and identifiers are often case-sensitive.

 

 

Need help? Email us at support@passare.com or call (800) 692-5111.