Azure AD Single-Sign-On

This document describes how to integrate Optimove with Azure AD’s identity provider system, to implement a SAML-based Single-Sign-On flow in Optimove.

Follow these instructions to prepare your AzureAD account for integration with Optimove

Setting Up the Integration in Azure AD

  1. Create a user in Optimove
  2. Sign into your Azure account at
  3. Under Azure Services, go to Azure Active Directory
  4. Go to Enterprise Applications
  5. Click “New Application”
  1. Select “Azure AD SAML toolkit” in the options.
  1. Name it and approve.
  2. Return to “All Applications” and select the new application you just created
  3. Click “Get Started”
  4. Your new application can be configured in the “Single Sign On” tab in the menu.

Basic SAML Configuration

In the below steps, please replace XXX with the name of your Optimove site -,
make sure to use lower-case letters.

• identifier - urn:auth0:optimove-production:XXX-azure
• Reply URL -
• Sign on URL -

  1. Click on "Add new claim" and set the following-
    Name: email_verified
    Source = Attribute
    Source attribute: true
  1. Download the SAML certificate (Base64)
  1. Under "Set up auth0-to-Optimove, copy and save the “Login URL”.
  1. Go the the "Users & Groups" tab-
  1. Select the users you would like to assign to this connection (users must also exist in the Optimove application)

Please use the Information you copied/downloaded (Login URL and SAML certificate in .PEM or .CER format only) and share it with the Optimove team in the following form-
This will open a ticket for the Optimove team to finalize the integration.

Optimove will notify you once the configuration is ready and schedule a date to turn on the SSO connection.
Optional – You may add test user credentials in the form; this test user should be created by you in both Optimove and Azure with Optimove as the assigned application; this user will be used to test the integration by the Optimove team.