SSO
      Back to home
      1. Help Centre
      2. IT Setup
      3. SSO

      Single Sign-On (SSO) for Microsoft/Azure Schools

      Learn how to configure Microsoft/Azure with Wellio for Single Sign On.

      ⚠️ Before you start: IT admins will need admin access in Wellio to complete the SSO setup. Please contact your school's Wellio admin to request access, or email support@wellioeducation.com

      This process is divided into five steps:

      Step 1: Set Up Enterprise Application & Configure SAML

      1. Visit the Azure portal
      2. Under the Azure Services header, click Enterprise Applications
      3. Click New Application -> Create your own application
      4. Use "Wellio" as the application name and select the Non-gallery radio button option
      5. Once the application is created, go to the Single Sign-On section
      6. Select SAML as the SSO method
      7. In the Basic SAML Configuration section, enter the details provided in your Wellio SSO settings: 
        • Entity ID (Identifier) – Copy & paste this from Wellio
        • Reply URL – Copy & paste this from Wellio

      ⚠️ These values are unique to your Wellio setup. Retrieve them directly from the Wellio SSO Setup - Connect step in Settings.

      Step 2: Upload Metadata File

      Once you receive the URLs, continue with the following steps:

      • Download the Federation Metadata XML file shown below:azure1
      • Upload the Federation Metadata XML file in the Metadata section of Wellio's SSO Setup page

      Step 3: Map User Attributes & Claims


      Once you've uploaded your metadata XML file, continue with the configuration.

      1. In the User Attributes and Claims section, set the Required claim to match the following:azure2
      2. Set the Additional Claims in lowercase text to match the required layout:azure3 copy

        🚨 These fields are CASE-SENSITIVE — make sure you enter them exactly as shown.

      3. Delete the content of the Namespace field for each claim as shown in the below:azure4

      💡 Mistakes in this step are the #1 cause of SSO setup failures. If you’re unsure, refer to the screenshot for the exact formatting.

      Step 4: Enable User Access to App

      1. Set Assignment required? to NO in the Properties tab

      🚨 This enables users to access the app via SSO. Skipping this step means staff and students will receive an error when they attempt to sign-in.

      Step 5: Provide Test Login Details

      To verify the SSO setup, provide credentials for the following:

      • Teacher Test Account: Email & password
      • Student Test Account: Email & password

      These accounts will be provisioned in Wellio for testing. The test accounts should be different and be a school-affiliated email address. 

      Step 6: Submit for Review & Testing

      Once you've completed the steps above, we'll use the test account credentials you've provided in Step 5 to verify the configuration is working as expected before setting SSO live for your school.

      Note: Our team will use this information to configure your setup. You can expect a response within 7 business days and confirmation of a successful activation or request for adjustments if needed.

       

      User Matching for existing users (if needed)

      If your school previously used Wellio without SSO, existing accounts must be correctly linked to email addresses before activation. We’ll match accounts where possible and provide a list of any unmatched accounts for you to confirm.

      After configuration testing, we’ll be in touch if user matching is needed and provide simple instructions to complete the process for a smooth SSO transition.