# SSO

**Feature ID**: FU-1051

**Document Version:** 3.0

**Date:** 24-03-2026

### 1. Introduction

Unifize supports Single Sign-On (SSO) integration using the SAML 2.0 protocol. This allows users to authenticate with existing identity providers (IdPs) such as Microsoft Entra ID (formerly Azure AD), Google Workspace, or other SAML-compatible systems.

SSO is fully supported in desktop and mobile browsers. Approvals are done via OTP-based digital signature. The authentication method is **admin-configured** per org; users cannot choose between SSO and password-based login.

***

### 2. User Experience

#### A. Desktop Login Flow

1. User navigates to their Unifize portal
2. Enters their email address
3. If the domain has SSO configured:
   1. User is redirected to the corresponding IdP login
   2. Completes password entry and 2FA if required
   3. Is redirected to Unifize as a logged-in user

**Note:** The login screen may still display the "Sign Up Now!" prompt. However, SSO-configured domains will bypass this once the email is validated.

#### B. Mobile App Login Flow

1. User opens the Unifize mobile app
2. Enters their email address
3. If SSO is configured for the domain:
   1. User is redirected to the corresponding IdP login
   2. Completes password entry and 2FA if required
   3. Is redirected to the Unifize mobile app as a logged-in user

#### C. PWA Login Flow (New)

1. Open [https://pwa.unifize.com](https://pwa.unifize.com/)
2. Enter your email address
3. If your domain is SSO-enabled, you'll be redirected to the same enterprise IdP login as the Web App.
4. After authentication, you are redirected back to the PWA.

The PWA supports a full SSO-based login and authorization flow identical to the Web App.

***

### 3. Approvals via OTP for SSO Users

SSO users complete 2FA to authorise their digital signature through an email-based OTP flow:

* Upon initiating a digital signature, the user receives a **6-digit OTP** at their registered email
* The OTP is valid for **2 minutes**
* Once entered, the “Confirm and Sign” button becomes active

***

### 4. SSO Configuration & Setup

**Note:** Only an org admin can set up the SSO configuration. Please reach out to your admin for the following steps:

1. Configure Microsoft Entra ID following the [Microsoft documentation](https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/add-application-portal-setup-sso#enable-single-sign-on).

   In Azure, configure the following using values from Unifize (Org Settings → SSO):

   1. Entity ID: Service Provider Entity ID from Unifize
   2. Reply URL(s):
      1. <https://app.unifize.com/__/auth/handler>
      2. Add an additional Reply URL for the PWA: <https://pwa.unifize.com/__/auth/handler>
   3. Sign-on URL: Org SSO URL from Unifize

   <figure><img src="/files/4H2ZIa6KQ7E6q46XgqEI" alt=""><figcaption></figcaption></figure>
2. Configure Unifize SSO settings

   Go to Org Settings → SSO in Unifize.
   1. Choose the domain from the drop-down. If the domain is not listed, please reach out to your Unifize account manager.
   2. Copy the following values from Azure into Unifize:
      1. Entity ID: Microsoft Entra Identifier on Azure
      2. SSO URL: Login URL on Azure
      3. Certificate:
         * Download the "Base64 certificate" from Azure.
         * Copy and paste the content of the file into the text area on Unifize.

<figure><img src="/files/363mBoaiN5bPHPu8H4QP" alt=""><figcaption></figcaption></figure>

#### 2. Save the configuration

#### 3. Assign Users in IdP

1. Go to **Users and Groups** in the created Enterprise Application
2. Add relevant users to grant them access to Unifize
3. Ensure the users' email domains match the configured domain

***

### 5. Permissions & Roles

* Only Org Admins can access and configure SSO settings
* Users are automatically routed to SSO based on their email domain
* For SSO access, users must:
  * Be added to the Unifize app group in the IdP
  * Have an email address matching the configured domain

***
