Setting up Single Sign-On (SSO) - Microsoft Entra ID / Azure AD

Cascade uses SAML 2.0 to securely authenticate and allow users to log in using their Microsoft credentials.

This guide is specific to setting up SSO with Microsoft Entra ID / Azure AD, and assumes you’re already familiar with how our SSO solution works. Please refer to our general SSO article if needed (Linked here).

Before You Begin

To set up SSO with Entra ID, please ensure you have the following:

  • An active Cascade account
  • An active Microsoft Entra ID subscription
  • One of the following roles in Microsoft Entra ID:
    • Global Administrator, Cloud Application Administrator, Application Administrator, or Owner of the service principal
  • An Entity ID and ACS Reply URL from the Cascade Support team [support@cascade.app]
    • If you do not have this please refer to our general SSO article (Linked here)

How to Set Up SSO:

  1. Register Cascade as a Non-Gallery Application in Entra ID
  2. Enter the Entity ID and ACS Reply URL, then download the Metadata and X.509 Certificate
  3. Assign Users and Groups to the Enterprise Application
  4. Provide your Metadata and X.509 Certificate to your Cascade point of contact

Step 1: Register Cascade in Entra ID

  1. In the Entra ID portal, go to Enterprise Applications > All Applications



  2. Select New Application at the top of the page

  3. Select Create your own application, name it "Cascade" (or a similar name), choose the Non-Gallery option at the bottom, and click Create


Step 2: Enter the Entity ID and ACS Reply URL, then download the Metadata and X.509 Certificate

  1. In your newly created application, navigate to the Single Sign-On configuration page. Select SAML as the single sign-on method



  2. Edit the Basic SAML Configuration. This is where you will enter the Identifier (Entity ID) and ACS Reply URL

  3. Download the Federation Metadata XML file and Certificate (Base64)



Step 3: Assign Users or Groups to the Application

  1. Under Users and groups, assign individual users or whole security groups to the Enterprise Application

Users who are not assigned here will be denied access when they try to sign in with SSO.

Step 4: Provide Metadata and X.509 Certificate to your Cascade point of contact

  1. Reach out to your Cascade point of contact to provide them with the Metadata and X.509 Certificate
  2. Once we’ve received your information, the Cascade Team will complete the setup on our end. We will then work closely with you to test the integration and ensure that all users can sign in smoothly using SSO.

FAQs

What attributes can I use for my SSO mapping?

We can adjust your SSO connection to use almost any attribute of your choice, with the most common options being the email address or name identifier. Whichever attribute you choose, its value must match the user’s email address registered in Cascade to ensure a successful connection.

 

Does my Subscription Tier include access to SSO?

SSO is available for users with our Enterprise+ or Essentials subscription tiers.

 

Does SSO apply to the entire account or individual users?

SSO is configured at the account level, meaning it will apply to all users within the account once it is set up.

 

What should I do if I or other users are unable to log in?

To ensure access to the platform, please verify that each user:

  • Has accepted their invitation (Note: invitations expire after 30 days)
  • Has entered and submitted a job title during the account creation process
  • Has an "Enabled" user status

Need Assistance?
If you have any questions or need further guidance throughout the setup process, don’t hesitate to contact us at [support@cascade.com]. We're here to help ensure a smooth and secure SSO experience for your organization.