Skip to main content
All CollectionsManage Your AccountAccount Setup
Configure Single Sign-On (SSO) with Microsoft Entra ID (formerly Azure AD)
Configure Single Sign-On (SSO) with Microsoft Entra ID (formerly Azure AD)

Learn how to configure SSO with Microsoft Entra ID (formerly Azure AD)

Sara Sorenson avatar
Written by Sara Sorenson
Updated over 3 months ago

Configure Single Sign-On (SSO) with Microsoft Entra ID (formerly Azure AD)

banner, decorative

This article will cover how to set up single sign-on (SSO) using SAML 2.0 in Microsoft Entra ID (formerly Azure AD) for your Muck Rack instance.


SSO will allow your licensed Muck Rack users to access the Muck Rack application securely using their Microsoft credentials.

Supported SAML Features

The Muck Rack enterprise app that will be configured currently supports the following

features:

  • SP-initiated SSO

Requirements

To set up SSO for your Muck Rack instance, you will need:

  • Approval from your Muck Rack account executive or your Muck Rack customer success manager

  • A Microsoft 365/Office 365 account with Global Administrator or Application Administrator access

  • You must use the same email address for both your Microsoft/Office 365 account and your Muck Rack account

Configuring an Enterprise App for Muck Rack

  1. In a new browser window, sign in to your Microsoft Entra admin center using a Microsoft 365 account that has a Global Administrator or Application Administrator role assigned.

  2. Navigate to your Entra admin sidebar and select Identity > Applications > Enterprise applications.

  3. Select + New Application.

    The "+ New application" button is shown on the right side of the Enterprise Applications screen in Microsoft Entra admin center.

  4. Select + Create your own application.

  5. Name the application “Muck Rack” or something identifiable and then select Integrate any other application you don't find in the gallery (Non-gallery).

    The "Create your own application" page is shown with a name field filled in with the text, "Muck Rack," and a radio button selected that is labeled, "Integrate any other application you don't find in the gallery (Non-gallery)."

  6. Select Create.

Configuring SAML Settings

  1. Contact the Muck Rack support team at support@muckrack.com and request that they enable SAML 2.0 for your account.

  2. Once you receive a SAML Setup Instructions email from Muck Rack Support with your connection name, navigate to the sidebar of your Muck Rack app and select Single sign-on > SAML.

  3. Select Edit in the right corner of the Basic SAML Configuration box.

  4. Next, select Add identifier under the Identifier (Entity ID) heading and enter the Entity ID provided to you by Muck Rack Support in the SAML setup email.

    Note: the entity ID is typically formatted like this: urn:auth0:muckrack-dev:[your-org-name]

  5. Next, select Add reply URL under the Reply URL (Assertion Consumer Service URL) heading and enter the ACS URL provided to you by Muck Rack Support in the SAML setup email.

    Note: the ACS URL is typically formatted like this: https://auth0.muckrack-dev.com/callback?=[connection-name]

    Shows the 'Basic SAML Configuration' page


  6. Select the Save button to save your basic SAML settings.

  7. Navigate to Attributes & Claims and select the Edit button in the top right corner of the box.

  8. Navigate to Required claim and select Unique User Identifier (Name ID).

  9. For Source, select Attribute.

  10. For Source attribute, search for and select user.mail as the value.

  11. Select Save.

  12. Navigate to Additional claims and delete all of the existing attributes by selecting the three dots to the right of each attribute and then selecting Delete.

  13. Add a new additional claim for email.

    1. Select + Add new claim.

    2. Enter email in the Name field.

    3. For Source, select Attribute

    4. For Source attribute, search for and select user.mail as the value.

    5. Select Save.

  14. Add another new claim for given_name

    1. Select + Add new claim.

    2. Enter given_name in the Name field.

    3. For Source, select Attribute.

    4. For Source attribute, search for and select user.givenname as the value.

    5. Select Save.

  15. Add another new claim for given_name

    1. Select + Add new claim.

    2. Enter family_name in the Name field.

    3. For Source, select Attribute.

    4. For Source attribute, search for and select user.surname as the value.

    5. Select Save.

      Shows the 'Attributes and Claims' section


  16. Navigate back to the SAML-based sign-on section of your Muck Rack app and refresh your browser window to update the SAML Signing Certificate with the values you have just entered.

  17. Navigate to the SAML Certificates section and select the Download button next to Certificate (Base64).

  18. Navigate to the Set up… section and copy the Login URL.

    Shows the 'Set up Muck Rack SAML' section with an arrow pointing to the copy button next to 'Login URL'


  19. In a reply to the SAML setup email from support@muckrack.com, paste the Login URL and attach the certificate you downloaded to your message.

  20. The Muck Rack SSO team will complete the configuration for your SSO connection and reach back out once SSO is ready to test.

App Permissions for Admin Consent

If your organization requires enterprise apps to be registered so that they may be granted admin consent, please follow the steps below.

  1. Navigate to your Microsoft Entra’s Home page.

  2. In the left sidebar, select Applications > App registrations.

  3. In the All applications tab, select the app you created for Muck Rack SSO.

  4. In the left sidebar, select API permissions.

  5. On the API permissions page, select + Add a permission.

  6. Select Microsoft Graph, then Delegated permissions.

  7. In the Select permissions section, add the following permissions:

    1. Directory.Read.All

    2. User.Read

  8. To add the permissions:

    1. Enter the permission name into the Search box.

    2. Locate the permission in the results and check the box next to its name.

    3. Repeat steps 8a and 8b for both permissions.

    4. When finished, select Add permissions.

  9. When the changes have been saved, you’ll be redirected back to the API permissions page.

  10. On the API permissions page, select Grant admin consent for [your-app-name].

    Shows the 'API permissions' page


  11. When prompted, select Yes to grant consent for the app’s permissions.

    Shows the option to 'Grant admin consent for Muck Rack'

Setting up SSO to Test

  1. Navigate to the sidebar of your Muck Rack SSO app and select Users and groups.

  2. Assign the users or groups that you will use these users to test SSO.

    Note: Test users must have an active Muck Rack account with an email that matches their email for their Microsoft 365 account or else test users will receive a Login unsuccessful error message.

  3. Once you receive an email from Muck Rack Support confirming that your connection is ready to test, open an incognito or private browser window and go to: https://muckrack.com/login/sso

  4. Enter your Microsoft 365 email address and select the Log In button.

  5. You will be redirected to your Microsoft 365 sign-on page.

  6. Enter your Microsoft 365 login credentials and authenticate using MFA (if applicable).

  7. You should now be logged in to your Muck Rack account; if you run into an issue signing in, please contact support@muckrack.com for assistance.

  8. Once you’ve successfully completed testing, please send a reply in your thread with Muck Rack Support confirming that SSO is functioning properly.

  9. All of your active Muck Rack users will be force logged-out of the Muck Rack app and be asked to sign in with SSO on their next visit.

Get Help

For additional help, contact support by choosing the chat icon in the bottom right-hand corner of the screen and selecting Messages > Send us a message.

💬 Was this article helpful?

Share your feedback and let us know how to improve our Help Center content.

Related Articles
Email Integration in Muck Rack
Configure Single Sign-On (SSO) with Okta
An Overview of Data in Muck Rack
Privacy in Muck Rack for Journalists
Did this answer your question?