Articles in this section

See more

How to set up SSO using Azure AD

Dashlane's single sign-on (SSO) feature allows your users to sign in to Dashlane using their SSO credentials instead of a Master Password. This article shows you how to set up single SSO with Azure AD.

Before you get started, make sure you have done the following:

  1. You have reviewed the SSO overview page.
  2. You have signed up for a Dashlane Business Plan. Dashlane Team does not allow enabling SSO. If you would like to upgrade, contact Dashlane Support.
  3. You have access to the SSO Identity Providers metadata and console (if applicable).

Contents

  1. Step-by-step video walkthrough
  2. Enabling SSO

Step-by-step video walkthrough

Enabling SSO

Step 1: Verify your e-mail domains

  1. Log in to the Dashlane Admin Console, navigate to the Settings tab, and click Single sign-on.

    SSO_1.png

  2. In the Verify your company email domain field, enter your company's domain name and click Add.
    • If you have multiple e-mail domains configured for your SSO provider, add and verify all additional domains.
  3. Copy the Hostname and TXT values and add them to a new DNS TXT record for your domain. Once added, click Verify domain. Please note that it can take up to 24 hours to verify the domain.
  4. Verify all the email domains that your users will use to sign in using SSO. If you have more than 5 domains, please contact Dashlane Support.

    You must verify your domain before you can configure the SSO Connector.

Step 2: Prepare the Azure Enterprise SSO application

  1. Log in to portal.azure.com with your administrator azure account.
  2. Use the search bar to open the Enterprise Applications module.

    Enterprise_App_search.png

  3. Select New application.
  4. Select Integrate any other application you didn't find in the gallery. Name it something like "Dashlane SSO,” and click add.
  5. Go to the Dashlane SSO enterprise application properties page and click Set up single sign on.
  6. On the Select a single sign-on method, select SAML. Choose a single-sign-on URL endpoint that you would like to use for your SSO connector.

    There are three ways to deploy the SSO encryption connector, and how you choose to deploy will change your ACS & Entity ID URLs. Your URL will look like the below where 'mycompany' is replaced with the name of your company. If your company name is acmeco, then your SSO connector on Azure would be https://acmecosso.azurewebsites.net.

    SSO encryption service host SSO Connector endpoint
    Azure (recommended) https://mycompanysso.azurewebsites.net
    AWS https://mycompanysso.mycompany.com
    Linux VM (advanced) https://mycompanysso.mycompany.com
  7. Enter the SSO connector endpoint in the Dashlane Admin Console.

    Connector-blank.png

  8. In the Azure Enterprise App - Basic SAML Configuration settings, enter the Entity ID and ACS URL using the SSO Connector endpoint as the root. Replace "mycompanysso" with the name you chose in step 4.

    ACS___Entity_ID_URls.png

  9. Go to the section for the SAML Signing Certificate > Federation Metadata XML and click the link to Download.
  10. Upload the xml metadata in the Dashlane Admin Console > Settings > SAML SSO.
    • Opening with IE can parse XML files incorrectly. Be sure to open the XML file with a plain text editor like notepad.
  11. In the Azure Enterprise app, add your desired users or groups rights to use the newly created application using the users and groups tab.
    • Alternatively, you can set the user assignment required to no on the properties page of the Azure Enterprise App.
  12. Setup the SSO connector in your preferred environment:

Step 3: Complete the Azure Enterprise application setup

  1. Now that the SSO connector is configured, you can verify it is running by ensuring the xml file downloads by browsing to your URL: https://mycompanysso.azurewebsites.net/saml.
  2. Log in to https://console.dashlane.com > Settings > SAML SSO > test SSO connection.
  3. Click Enable SSO.
  4. Invite users using the Admin Console or one of our user provisioning methods.

You have enabled SSO for all your users! Remember, admins within Dashlane will not be impacted and will continue to sign in using their Master Password. All other users will be forced to use SSO to access Dashlane. To learn more about what current Master Password users can expect, see Enabling SSO with existing users.

Was this article helpful?
4 out of 6 found this helpful
Return to top

Related articles

Can't find what you're looking for?

Contact us
Powered by Zendesk