SSO Setup Guide

Introduction

The SSO setup with realworld one is a 3-step process:

1. Follow the instructions in this guide.

2. Provide realworld one with the required configuration data.

3. Validate the login after SSO has been enabled.

⚠️ Recommendation: Schedule a session with realworld one immediately after enabling SSO. This allows quick troubleshooting and, if necessary, temporary deactivation of SSO to avoid downtime for end users.

The configuration steps can be completed in advance and will not affect users until realworld one activates SSO.

About Auth0

realworld one uses Auth0, a secure authentication and authorization platform, in the Desktop App. Auth0 provides:

• User authentication and data protection

• Secure password management

• Single Sign-On (SSO) support

With SSO enabled, users can access realworld one applications using their corporate login credentials.

Authentication Protocol

The integration uses SAML (Security Assertion Markup Language), an open-standard XML-based protocol for secure authentication and authorization:

• Identity Provider (IdP): Authenticates users and issues authentication assertions.

• Service Provider (SP): Trusts the IdP to authenticate users.

Prerequisites

Before you begin, ensure that you have:

• A Microsoft Entra ID subscription

• The Entra SAML Toolkit (enabled for SSO)

Step 1: Add Entra SAML Toolkit from the Gallery

• Sign in to the Azure portal using your work account.

• From the left navigation panel, select Microsoft Entra ID.

• Go to Enterprise Applications → All Applications.

• Click New application.

• Search for Entra SAML Toolkit and select it.

• Provide a name for the application and click Create.

Step 2: Configure Entra ID SSO

• Open the newly created application.

• In the Manage section, select Single sign-on.

• On the Select a single sign-on method page, choose SAML.

• On the Set up single sign-on with SAML page, click the pencil icon under Basic SAML Configuration.

• In the Identifier (Entity ID) field, enter the following:  
  urn:auth0:rw1-prd:<insert 3-digit company code>-rw1-saml

• In the Reply URL, enter the following: 
  https://login.realworld-one.com/login/callback?connection=<insert 3-digit company code>-rw1-saml

• In the Sign On URL, enter the following: 
  https://login.realworld-one.com/?connection=<insert 3-digit company code>-rw1-saml

• Save your changes.
• Leave Attributes and Claims as default.
• In the Manage section, select Users and Groups.

• Add the users or groups that should have access to realworld one.

Step 3: Provide Required Details to realworld one

From the Set up SAML-based Sign-On page in Azure:

• Download the Federation Metadata XML (Section 3: SAML Certificates).

• In Section 4, copy the Login URL and Logout URL 

Share the following information with realworld one:

• Federation Metadata XML

• Login URL and Logout URL

• Tenant domain name(s)

• SAML claims for:

  • First name

  • Last name

  • Email

  • Job title

You can provide this data to your contact person at realworld one or by reaching out to support@realworld-one.com 

Final Step: Validation

• Once realworld one enables SSO, test the login process.

• We strongly recommend scheduling a joint testing session with realworld one.

• If issues occur, SSO can be temporarily disabled to avoid service disruption.