Connect Meisterplan with Entra ID (formerly: Azure AD) to use Single Sign-On (SSO) via SAML 2.0.
- Adding Meisterplan as an App in Entra iD
- Assign Users in Entra ID
- Adding Users in Meisterplan
- Logging in to Meisterplan via Entra ID
Adding Meisterplan as an App in Entra ID
Add Meisterplan as a new SAML app in Entra ID and enter the service provider data provided by Meisterplan into Entra ID. Then enter the identity provider data provided by Entra ID into Meisterplan.
Follow these steps:
- Add a new app in Entra ID by selecting Enterprise Application and then clicking Create your own application. In the top right, select Integrate any other application you don't find in the gallery:
Find more information on this in the Entra ID help. - In the left sidebar in Entra ID, click Single Sign-On and then select the SAML option:
Find more information on this in the Entra ID help. - Set up SAML by filling in these two sections:
Find more information on this in the Entra ID help. - Now open Meisterplan and under Manage > Users > Configure click Configure SAML. If you don't see the service provider data on this page, click SAML enabled.
Fill in the remaining fields by copying the respective values from the Service Provider Data section in Meisterplan and vice versa (see steps below).
- Return to Entra ID. In step 1 Basic SAML Configuration, enter the service provider data provided by Meisterplan:
- In step 2 User Attributes & Claims, match the SAML nameID field with the Entra ID email field:
- In step 3 SAML Signing Certificate and Set Up [application name], you will find the identity provider data provided by Entra ID for Meisterplan:
- Download Certificate (Base64), open it in a text editor (e.g., Notepad) and paste the entire certificate including start/end into the X.509 field in Meisterplan. If your certificate file contains more than one X.509 certificate, use the one labeled <KeyDescriptor use="signing">.
Copy the values for Login URL, Entra ID Identifier and Logout URL and map the fields as follows:
Field in Entra ID Field in Meisterplan Entra ID Identifier Identity Provider ID Login URL SSO URL Logout URL SLO URL Certificate (Base 64) Identitiy Provider X.509 Certificate - Paste the values as well as the downloaded certificate in the appropriate fields in Meisterplan:
If your certificate file contains more than one X.509 certificate, use the one labeled <KeyDescriptor use="signing">. - If you want Meisterplan to sign requests sent to Entra ID, click Edit in step 3 under Verification certificates in Entra ID:Ensure Require verification certificates is checked. Download the certificate in Meisterplan under Download SP configuration > Download Certificate (.cer) and upload this certificate at Upload certificate in Entra ID. Complete the configuration by clicking on Save.
- In Meisterplan, click Save.
- Complete the remaining steps to add an app as described in the Entra ID documentation.
Assign Users in Entra ID
In Entra ID, assign the desired users to the Meisterplan app.
Adding Users in Meisterplan
All users logging in to Meisterplan via Entra ID will need to create corresponding user accounts in Meisterplan. You can add them automatically with auto-provisioning, or you can add them manually as follows.
Users are added in Meisterplan under Manage > Users, and user rights are configured under Manage > User Groups. For more details on user management in Meisterplan, see the articles Manage Users and Manage User Groups .
Logging in to Meisterplan via Entra ID
To log in to Meisterplan as a user via Entra ID, enter a URL according to the scheme https://us.meisterplan.com/<yoursystem>. This will redirect you to the registration page of Entra ID.
Administrators can still log in to Meisterplan via a URL according to the scheme https://us.meisterplan.com even without Single Sign-On.
For additional details on logging in via SSO, see the article Login.