All Collections
Opmetrix HQ
Opmetrix HQ - Maintenance for Administrators
Single Sign-On (SAML) with Opmetrix HQ
Single Sign-On (SAML) with Opmetrix HQ

How to set up single-sign on for a passwordless login experience in Opmetrix HQ

Opmetrix Service Desk avatar
Written by Opmetrix Service Desk
Updated over a week ago

Single Sign-On allows using your existing systems as a way to configure users for your HQ system without needing to manually maintain them in Opmetrix. It also allows your HQ users to click a button to sign-in, without needing to enter any passwords.

Enabling this option in Opmetrix will provide a new button on the login screen, "Login with SSO" which will login a user with a single click.

Users are linked into Opmetrix by their email address. Optionally, new user accounts can be created automatically.

Setup Steps:

  • In Opmetrix HQ, open Settings -> System Settings

  • Then use 'Smart Search' for SAML, and click the 'Enable Saml' screen.

  • A popup will open with all the SAML details needed for your organisation to configure single sign-on through your third party SAML server.

  • If your single sign-on identity provider can use an auto-provisioning URL, then you can copy this from the 'Service Provider Info' page.

  • If your identity provider can provide an auto-provision URL then enter that into the first 'Quick Setup' area.




Office365/AzureAD specific steps

Open the 'Enterprise applications' section of Azure/Office365 - https://portal.azure.com/#blade/Microsoft_AAD_IAM/StartboardApplicationsMenuBlade/AllApps (or Azure Services -> Azure Active Directory -> Enterprise applications)

Click '+ New application'




Then click, "+ Create your own application"




Add in "Opmetrix SSO"


then click "Create"


Click the "Set up single sign on" tile



Then pick SAML:


Copy the 'App Federation Metadata Url' from this screen into the "IdP Auto Provision Metadata URL" screen in Opmetrix HQ settings





Then click the "Edit" button on the "Basic SAML Configuration" section:



Azure can't use the auto-provision URL from Opmetrix, so you'll need to open the 'Advanced Setup' section of the SAML Settings popup and copy paste the "SP Assertion Consumer Service (ACS) URL:" url (from Opmetrix) to "Reply URL (Assertion Consumer Service URL)" (in Azure) and the "SP Entity ID:" (from Opmetrix) to "Identifier (Entity ID)" (in Azure)

eg, for our demo system,


will look like



You'll then want to configure other properties, depending on your business requirements - eg if you want everyone in your organisation to automatically be assigned an Opmetrix login without having to manually approve each sign in, you'll want to disable the "User Assignment required" section of the application properties:



and potentially set up the 'Self-Service options:

Viewing SSO Users

Once setup, any users logging in with SSO the first time will show up in the Login Maintenance page.

The SSO column of this table only shows if SSO is enabled.


Did this answer your question?