If you want to set up a SSO with other solutions such as OneLogin, Okta, etc., please check out this article instead.
First, you will need to collect two parameters from your Teramind Dashboard:
1. Login to your Teramind Dashboard.
2. Go to the Configurations > Settings > Authentication tab:
3. Turn on the Enable SSO option under the Single Sign-On (SSO) section. This will show additional options.
4. Copy the information from the Teramind callback URL and Teramind entity ID fields. You will need them to set up the Azure configuration later (Step 16).
5. Log in to your Microsoft Azure Portal.
6. Search for Enterprise applications from the top Search Bar and select Enterprise applications:
7. Click the +New application button:
8. From the Browse Microsoft Entra Gallery screen, click the +Create your own application button, and enter a name like 'Teramind Single Sign-On' and click the Create button:
9. From the Overview screen, click the Assign users and groups link:
10. From the Users and groups screen, click the +Add user/group button:
11. From the Add Assignment screen, click the None Selected link:
12. From the Add Assignment screen, under the Users panel, select the users that will need SSO access by clicking the checkboxes in front of their names. Then click the Select button:
13. From the Add Assignment screen, click the Assign button:
14. From the Single sign-on screen, click the Single sign-on link on left panel and select the SAML option:
15. From the SAML-based Sign-on screen, under the Basic SAML Configuration section, click the 
Edit icon:
16. From the Basic SAML Configuration screen, click the Add identifier and the Add reply URL links and enter the Teramind callback URL and Teramind entity ID from your Teramind Dashboard (Step 4). Click the Save button and close the right panel:
17. From the SAML-based Sign on screen, click the Edit icon under the Attributes & Claims section:
18. From the Attributes & Claims screen, remove the user.principalname… value from the Additional claims list by clicking on the ··· three dot menu then the Delete button.
It should look like the screenshot below. Click the X at the top-right corner to close the Attributes & Claims screen.
19. From the SAML Certificates screen, click the Certificate (Base 64) Download link and open that file in Notepad:
20. Copy the entire certificate, including the header and footer, and paste it into the Identity provider certificate field on the Teramind Dashboard:
21. On your Azure Portal, from the SAML-based Sing-on screen, select the Single sign-on option on the left panel. Then, under the Set up Single Sign-On copy the Login URL value:
22. Paste/enter the Login URL you copied in the previous step into the Identity provider authentication URL field on the Teramind Dashboard:
23. On your Azure Portal, from the SAML-based Sing-on screen, select the Single sign-on option on the left panel. Then, under the Set up Single Sign-On copy the Microsoft Entra Identifier value:
24. Paste/enter the Login URL you copied in the previous step into the Identity provider authentication ID field on the Teramind Dashboard. Also, ensure that Sign authorization request and Want assertions are both checked, then click Save changes.
26. Go to the Employees screen, select an employee and then click the Edit Profile button), ensure that the First Name, Last Name and Email match with what are configured for the user on the Azure Portal (Step 12):
You should now be able to authenticate to your Teramind Dashboard via Azure SSO. To debug, you can use a tool like the SAML-tracer* extension to verify if the SAML traffic is showing the correct SAML assertions and certificate.
*This is an external link. The link is being provided as a convenience and for informational purposes only; they do not constitute an endorsement or an approval by Teramind. Teramind bears no responsibility for the accuracy, legality or content of the external site or for that of subsequent links. Contact the external site for answers to questions regarding its content.