Prerequisites
- An Entra ID Subscription
- A UserVoice plan that includes SAML Single Sign-On
- A UserVoice account and admin login
1. Adding UserVoice from the Gallery
To configure the integration of UserVoice into Entra ID, you need to add UserVoice from the gallery to your list of managed SaaS Apps.
To add UserVoice from the gallery, follow these steps:
- In the Entra ID Portal, on the left navigation panel, click Microsoft Entra ID icon.
- Navigate to Enterprise applications, then click All applications.
- Click the + New application button, at the top of the dialog.
- Click on All to expand the search. In the Add from the gallery box, search for UserVoice.
- In the results panel, select UserVoice, and then click Add.
There will be a short wait, and then you will see a confirmation message that the application has been added.
2. Configure Entra ID Single sign-on
In this section, you will enable Entra ID single sign-on in the Entra ID Portal and configure single sign-on in your UserVoice application. The UserVoice Metadata.xml for your instance may come in handy. Find it at https://<subdomain>.uservoice.com/saml/metadata.xml
.
To configure Entra ID single sign-on with UserVoice, perform these steps:
- In the Entra ID Portal, on the UserVoice application integration page, click Single sign-on.
- On the Single sign-on dialog, select SAML as the Single Sign-On method.
- On the Set up Single Sign-On with SAML page, section Box 1: Basic SAML Configuration, click to Edit and perform the following steps:
- In the Identifier (Entity ID) textbox, type the value using the following pattern:
https://<subdomain>.uservoice.com
. In the Metadata.xml, this is the same value as the entityID. - In the Reply URL textbox, type the value using the following pattern:
https://<subdomain>.uservoice.com/saml/consume
. - In the Sign-on URL textbox, type the value using the following pattern:
https://<subdomain>.uservoice.com
(if you copy and paste the URL, remove the/
from the end). - Click Save.
- In the Identifier (Entity ID) textbox, type the value using the following pattern:
- Box 2: User Attributes & Claims. UserVoice requires a number of attributes, outlined in the below steps:
- Set the Name identifier value to user.userprincipalname (AKA email). This is usually already set by default.
- UserVoice requires an email. You can optionally send a display name and GUID. Complete the following steps to create a preferred configuration:
- Delete user.givenname by clicking the three dots … and click Delete.
- Delete user.surname by clicking the three dots … and click Delete.
- Add new claim: Name, emailaddress. Source Attribute, user.userprincipalname (AKA: email).
- Add new claim: Name, guid. Source Attribute, user.objectid -- do NOT use user email.
- Add new claim: Name, display_name. Source Attribute, user.displayname.
- Box 3: SAML Signing Certificate. Download the certificate by clicking Certificate (Base64). You will need the UserVoice.cer file later on.
- Check the Status is Active.
- Box 4: Set up UserVoice. Copy the Login URL, and the Logout URL. You will need these later on. You can use the generic Azure logout URL if your login and logout URLs are the same:
https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0
- In a new browser tab/window, log in to your UserVoice Admin Portal.
- Once logged in, click the Settings Cog in the bottom-left corner.
- Click on the General tab, scroll down to Access and click User authentication.
- On the User Authentication dialog page, perform the following steps:
- Check the Single Sign-On (SSO) radio box.
- Paste the Login URL value into the SSO REMOTE SIGN-IN URL textbox.
- (Optional) Paste the Logout URL value into the SSO REMOTE SIGN-OUT URL textbox.
- In the SAML SINGLE SIGN ON section, upload the token signing certificate file. Click Choose File. Navigate to the UserVoice.cer file you downloaded earlier, and select it. Click Save.
Test
To test Entra ID UserVoice SSO implementation, you must first have users assigned to the application. See HOW-TO Assign Users to UserVoice Application if you have not. Once the above steps have been completed, to begin testing your SSO implementation, follow these steps:
- Open an Incognito Browser Window (or sign out of UserVoice and your Entra ID Directory and open a new window).
- Go to your UserVoice Forum Portal (e.g.
https://<subdomain>.uservoice.com
). - If you are not immediately presented with an Entra ID login page, click Sign in (top-right corner). A popup window should appear. Enter the email address and password of a user that has been assigned to the UserVoice Application. Click Sign In.
- If successful, you should be granted access, and taken to the home page. You have successfully setup Entra ID Single Sign-On for UserVoice.
If you are unsuccessful, reread this guide, verify your configuration and test again. If you are still unsuccessful, see Troubleshooting.
How to Assign Users to UserVoice Application
- In the Entra ID Portal, open the applications view, and then navigate to the directory view and go to Enterprise applications then click All applications.
- In the applications list, select UserVoice.
- In the menu on the left, click Users and groups.
- Click Add button. Then select Users and groups on Add Assignment dialog.
- On Users and groups dialog, select the user(s) you would like to assign to UserVoice, and Click the Select button.
- Click Assign button on Add Assignment dialog.
If you are unsuccessful, reread this guide, verify your configuration and test again. If you are still unsuccessful, see our SAML Troubleshooting Guide.