Configure SSO with Azure AD for 15Five

Ben Pemstein Ben Pemstein
· Updated

Use these values when adding 15Five as an enterprise application in Azure Active Directory. Complete the general 15Five SSO configuration before starting these steps.

Before You Begin

  • Your 15Five subdomain must already be set. Find it at Company SettingsSAML Single Sign-On.
  • You need Azure AD admin permissions to register and configure enterprise applications.

Steps

  1. Open the Azure AD admin portal and navigate to Enterprise Applications.
  2. Select New application and search for 15Five.
  3. Click 15Five in the results, then click Create.
  4. Go to Single sign-on in the left sidebar and select SAML.
  5. Click Edit in the Basic SAML Configuration section.
  6. Enter the Sign on URL: https://.15five.com
  7. Enter the Identifier (Entity ID): https://.15five.com/saml2/metadata
  8. Enter the Reply URL (ACS URL): https://.15five.com/saml2/acs
  9. Enter the Relay State: https://.15five.com/
  10. Save the Basic SAML Configuration section.
  11. Under SAML Signing Certificate, confirm the signing algorithm is set to SHA-256.
  12. Set the User Identifier attribute to NameID or email.
  13. Go to Users and groups and assign the 15Five app to the relevant users or groups.
  14. Download the Federation Metadata XML file from Azure AD.
  15. In 15Five, go to Company SettingsSAML Single Sign-On and upload the metadata file.

If Something Goes Wrong

Issue Check Fix
AADSTS50105 User is not assigned to the 15Five app in Azure AD Assign the user or their group to the app under Users and groups
AADSTS750054 Sign-on URL is incorrect in Azure AD Update Sign on URL to https://.15five.com
AADSTS650056 Entity ID does not match Set Identifier to https://.15five.com/saml2/metadata — include the trailing slash pattern exactly
"This subdomain is not configured for SAML2 authentication" Subdomain contains uppercase letters, spaces, or special characters Correct the subdomain to all lowercase with no spaces or special characters
No user attributes sent from Azure AD to 15Five Claim rules are missing or misconfigured in Azure AD Add claim rules for email and NameID in the Azure AD SAML attribute configuration

Not Covered Here

This article covers Azure AD-specific form values and error codes only — for full 15Five SAML attribute mapping and SSO settings, see Set up SAML Single Sign-On (SSO) in 15Five.

Related Articles

Was this article helpful?

Sorry to hear that. Tell us what was missing →