testmail.app supports Single Sign-On (SSO) via Microsoft Entra ID (Azure AD) through our SAML 2.0 integration. You can seamlessly connect testmail.app with Entra ID using this protocol.
This feature is only available for enterprise customers.
Setup the application in Microsoft Entra ID
- Sign in to your Azure account. Navigate to Microsoft Entra ID → Add → Enterprise Application.
- Click on Create your own application. Enter a name for the application, select Integrate any other... and then click Create.
- Navigate to Single sign-on tab and select SAML as the single sign-on method.
- Setup SAML by filling the first two sections as instructed below...
- Basic SAML Configuration
Configure the required fields as follows:- Identifier (Entity ID)
https://testmail.app- Reply URL (Assertion Consumer Service URL)
https://sso.testmail.app/saml- Save the configuration
- Attributes & Claims
It it mandatory to include id, name and email. - role (Optional)
If you wish to pass the role for the user, you can set this field to either "Member" or "Admin." Note: If no role is passed, the user will be assigned the "Member" role by default.
- SAML Signing Option and Algorithm
Signing Option should be Sign SAML response and assertion. The Signing Algorithm should be SHA-256
Integration in testmail.app
Navigate to your console → Settings → Setup single-sign-on (SSO) with SAML 2.0.
After configuring the required fields, your SSO setup will be submitted for review. Our technical team will verify the settings, and you will receive an email notification once the integration is activated.
- IDP entity ID (Issuer URL):
Use the Identity Provider Issuer/Issuer URL of the Testmail application in your IdP. - SP Entity ID (Audience URI): It should match the Audience URI of the Testmail application in IdP.
https://testmail.app- X509 Certificate:
Use the X.509 certificate of the Testmail application in your IdP. - Remote Login URL:
Enter the Remote Login URL in Testmail.app in the format:
https://sso.testmail.app/azure/saml?loginUrl=LOGIN_URLReplace LOGIN_URL with the corresponding Remote Login/Endpoint URL from your Identity Provider (IdP).
- Allowed Domains: Configure the domains according to your organization to implement Single Sign-On (SSO) for those domains. Note: If SAML Single-Sign-On is enabled and new domains are added in the future, they will be placed under review. Your current SSO setup will remain active for the existing domains.
- Click Save Configuration:
Upon clicking, a confirmation message will pop up stating that your settings are saved and under review, and our technical team has been notified.
Need help?
Please feel free to reach out at [email protected] for any help regarding SAML integration for Single-Sign-On.