How to Configure Microsoft Entra ID SSO for Jotform Enterprise

August 26, 2025

Summarize with:

Microsoft Entra ID is an Enterprise identity platform that provides Single Sign-On (SSO), multifactor authentication, and conditional access—making it simple to connect with Jotform.

To get started, make sure SSO is enabled on your Jotform Enterprise server and you have a Microsoft Entra account with admin permissions.

Note

 Users can log in with either SSO or their email and password. You can also choose to require SSO for guest users.

Creating Your Own Application

Since Jotform isn’t available as a gallery app in Microsoft Entra ID, you’ll need to add a non-gallery application and set it up for SAML-based SSO. To get started, here’s what to do:

  1. Log in to your Microsoft Entra ID Admin Center dashboard, and then in the menu on the left side of the page, click on Entra ID.
  2. In the Submenu that opens, click on Enterprise Apps.
  3. Then, on the Enterprise Applications | All Applications page, click on New Application.
New Application in Enterprise Apps section of Microsoft Entra ID dashboard
  1. Next, on the Browse Microsoft Entra Gallery page, click on Create Your Own Application.
  2. Now, in the Create Your Own Application window that comes up, set up these things:
    • What’s the Name of Your App — Enter a name for your application.
    • What Are You Looking to Do With Your Application — Select “Integrate Any Other Application You Don’t Find in the Gallery (Non-Gallery)”.
  3. Finally, click on Create.
New Application Details in Enterprise Apps section of Microsoft Entra ID dashboard

Setting up SAML as an SSO Method

After creating your application, the next step is to set up SAML as a Single Sign-on method. Here’s what to do next:

  1. On the Overview page for your newly created application, under the Manage section on the left, click on Single Sign-on.
  2. Then, on the Select a Single Sign-on Method page, click on SAML.
SAML option in the SSO settings page of Microsoft Entra ID dashboard
  1. Now, on the Set up Single Sign-On with SAML page, under the Basic SAML Configuration section, click on Edit.
Basic SAML Configuration in SSO settings of Microsoft Entra ID
  1. Next, in the Basic SAML Configuration window that opens, set things up like this:
    • Identifier (Entity ID) — Use your Jotform Entity ID (e.g., https://example.jotform.com/sso/metadata.php).
    • Reply URL (Assertion Consumer Service URL) — Use your Jotform Service Provider Assertion Consumer Service URL (e.g., https://example.jotform.com/sso/?acs).
    • Sign on URL (Optional) — Use your Jotform Service Provider Assertion Consumer Service URL but replace ?acs with ?login (e.g., https://example.jotform.com/sso/?login).

Note

You can access and copy your Jotform Enterprise Service Provider Metadata on the SSO settings page. Our guide on How to Obtain Service Provider Metadata from Jotform Enterprise has more details about that.

  1. Now, click on Save, and then click on the X icon to close the window.
Basic SAML Configuration Settings in SSO page of Microsoft Entra ID
  1. While still on the Set up Single Sign-On with SAML page, in the Attributes & Claims section, click on Edit.
Attribute & Claims section in SSO page of Microsoft Entra ID
  1. Then, on the Attributes & Claims page, in the Required Claim section, click on Unique User Identifier (Name ID).
Required Claim section on the Attributes & Claims page of Microsoft Entra ID
  1. Next, on the Manage Claim page, in the Source Attribute Dropdown menu, select user.mail.
  2. Now, click on Save, and that’s it!
Source Attribute Dropdown menu on the Manage Claim Page of Microsoft Entra ID

Assigning a Custom SAML App to a User or Group

Once you’ve finished setting up SAML SSO, you can now assign the Custom SAML App to a user or group. Here’s how:

  1. On your Microsoft Entra ID Admin Center dashboard, in the menu on the left side of the page, click on Entra ID.
  2. In the Submenu that opens, click on Enterprise Apps.
  3. Then, on the Enterprise Applications | All Applications page, select the app you created.
Enterprise Applications | All Applications page on Enterprise Apps section of Microsoft Entra ID
  1. Next, in the app, under the Manage section, click on Users and Groups.
  2. Now, on the Users and Groups page, click on Add User/Group.
Add User/Group on the Users and Groups page of Microsoft Entra ID
  1. On the Add Assignment page, in the Users and Groups section, click on None or Selected.
Users and Groups section on the Add Assignment page of Microsoft Entra ID
  1. In the Users and Groups window that opens, under the All tab, select a user or group from the list.
  2. Then, at the bottom of the window, click on Select.
Users and Groups window in Microsoft Entra ID
  1. Now, on the bottom-left side of the Add Assignment page, click on Assign, and you’re done.
Assign Users and Groups in Microsoft Entra ID

Note

 The flow above selects users only, but you can also assign a specific group using the same steps.

Copying the Microsoft Entra ID Identity Provider Metadata

To set up Microsoft Entra ID SSO for Jotform Enterprise, we’ll start by copying its Identity Provider Metadata. This is how it’s done:

  1. On your Microsoft Entra ID Admin Center dashboard, in the menu on the left side of the page, click on Entra ID.
  2. In the Submenu that opens, click on Enterprise Apps.
  3. Then, on the Enterprise Applications | All Applications page, select the app you created.
Enterprise Applications | All Applications page on Enterprise Apps section of Microsoft Entra ID
  1. Next, under the Manage section in the app, click on Single Sign-on.
  2. Now, on the SAML-Based Sign-on page, in the SAML Certificates section, on the right side of Certificate (Base64), click on Download.
  3. Then, save the file to your computer.
  4. Finally, in the Set Up section, copy the Login URL, Microsoft Entra Identifier, and Logout URL.
SAML SSO credentials in Microsoft Entra ID

Note

Open the Certificate (Base64) file in a text editor on your computer to copy the certificate. On Windows, you can use Notepad; on Mac, use TextEdit.

Enabling and Configuring Microsoft Entra ID SSO on Your Jotform Enterprise Server

After you’ve got the Microsoft Entra ID Identity Provider Metadata, you can enable and set up your SSO settings. It only takes a few simple steps:

  1. On your My Workspace page, click on your Avatar/Profile picture in the top-right corner of the screen.
  2. Then, in the Dropdown menu that comes up, click on Admin Console to open your Admin Dashboard page.
Admin Console menu in Jotform Enterprise Server
  1. Next, in the menu on the left, click on Security to open the Security & Authentication Dashboard.
  2. Scroll down to the Single Sign-On (SSO) section, and on the right, click on Add SSO Provider.
Add SSO Provider in Jotform Enterprise Server
  1. In the How Would You Like to Configure Saml SSO Provider? window that opens, click on Configure Manually.
Manual Configuration in SSO settings in Jotform Enterprise Server
  1. Now, in the Add a SAML SSO Configuration window, fill in these details:
    • Provider Name — Enter the name you want shown on the login page.
    • Entity ID — Add your Microsoft Entra Identifier.
    • SSO URL — Paste your Microsoft Entra Login URL.
    • Certificate — Insert the content from your Microsoft Entra Certificate (Base64) file. Just open it with Notepad or TextEdit and copy only the value.
    • SLO URL — Enter your Microsoft Entra Logout URL.
  1. Finally, click on Test Connection to make sure everything’s working correctly. If it’s successful, click on Save Configuration to apply your SSO settings—and you’re good to go!
SSO Configuration in Jotform Enterprise Server

Once you’ve turned on SSO, you’ll see these extra options under the SSO settings:

  • Allow Email Login for Licensed Users — This lets licensed users log in with their email and password too, not just through SSO.
  • Require Single Sign-On for Guest Accounts — This makes sure guest users can only sign in through SSO, adding a bit more security.
  • SSO SCIM Provisioning Settings — This helps you automatically manage users by syncing with your identity provider, so you don’t have to update things manually.
Extra SSO options in Jotform Enterprise Server
Contact Support

Our customer support team is available 24/7 and our average response time is between one to two hours.

Help Center Contact Jotform Support

Send Comment:

Jotform Avatar
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Podo Comment Be the first to comment.