Single Sign On (SSO) for Microsoft/Azure Schools

Learn how to configure Microsoft/Azure with Wellio for Single Sign On.

This process is divided into four phases:

Initial Setup

  1. Visit the Azure portal
  2. Click Azure Active Directory under Azure Services (you may need to click on More Services to see the option)
  3. Click Enterprise Applications
  4. Click on New Application
  5. Click on Create your own application
  6. Use Wellio as the application name and select the Non-gallery radio button option
  7. Click on Single sign-on and select SAML
  8. Download the metadata XML file shown in the screenshot and send it to us, along with the details for a test account. The test account should be set up with a student school-affiliated email address. When you email the metadata through to support@wellioeducation.com please pass on details (email address and password) for a test account to be provisioned in Wellio.

    azure1
     
  9. We will use this information to set things up and get back to you within a week with details for you to complete the secondary steps below.

Secondary Steps

  1. Edit the first box Basic SAML Configuration
    1. Set the Identifier (Entity ID) URL to the Entity ID URL provided by us.  Please not that we cannot send you this until you have provided your metadata from the initial setup.
    2. Set the Reply URL to the Reply URL provided by us. Please not that we cannot send you this until you have provided your metadata from the initial setup.

  2. Edit the second box User Attributes and Claims
    1. Set the Required claim to match this screenshot 
      azure2
    2. Set Additional claims to match the first screenshot below. When editing each additional claim, make sure to delete the content of the namespace field like shown in the second screenshot
      azure3
      azure4
  3. Set the Assignment requiredto NO in the Properties tab

Testing

Once you've completed the secondary steps above, please email support@wellioeducation.com to let us know. From here, we'll use the test account credentials you've provided to test the integration is performing as expected before officially setting it live for all users. 

Match existing users to the correct email (where required)

Once you've completed the secondary steps and we've completed a successful test of the integration, we'll be in touch to confirm if user matching is required in your instance. If it is, we'll also send you the appropriate information to complete. 

If your students have previously been using Wellio without SSO integration, we need to make sure their existing Wellio accounts have the correct email address linked before we set the integration live.  We'll match up as many accounts as possible and provide a list of those we couldn't match.