SAML SSO Setup Guide for Coreo

1. Prerequisites

Before setting up SAML SSO, ensure the following:

• You have an active Coreo Enterprise account
• Your organization uses a SAML 2.0-compliant Identity Provider (IdP) such as Azure AD, Okta, Google Workspace, OneLogin, or ADFS.
• You have access to your IdP’s configuration dashboard.

2. SAML Configuration Steps

Azure/Microsoft Entra ID

Step 1: Create the SAML application in your Identity Provider:

1. Navigate to Microsoft Entra ID in your Azure dashboard
2. Add a new Enterprise application
3. Create your own application
4. Give the name of the application to be “Coreo”
5. Select the option “Integrate any other application you don’t find in the gallery (Non-gallery)”
6. Create the application

Step 2: Set up application Single Sign-on (SSO)

1. Navigate to the create enterprise application
2. Set up single sign on
3. Select the option to be SAML Single Sign-on method
4. Enter the basic SAML configuration for Coreo:
   1. Identifier (Entity ID): https://api.coreo.io
   2. Reply URL (Assertion Consumer Service URL): https://api.coreo.io/auth/saml/callback?domain=<DOMAIN>
      (DOMAIN will need to be provided by Coreo during setup)
5. Setup Attributes & Claims
   1. Add a new additional claim for “firstName”
      • Add name to be “firstName”
      • Select Source to be “Attribute”
      • Select the source attribute to be “user.givenname”
   2. Add a new additional claim for “lastName”
      • Add name to be “lastName”
      • Select Source to be “Attribute”
      • Select the source attribute to be “user.surname”

Step 3: Assign Users in Your IdP

• Assign users who should have access to Coreo
• Ensure their email addresses match their accounts in Coreo

Step 4: Gather Required Information

You will need the following details from your Identity Provider to provide to Natural Apptitude:

• Microsoft Entra Identifier
• SSO Login URL
• Signing Certificate (Base64)