Single Sign-On (SSO)


Extend your company's existing identity/authentication system into Epicor CPQ. Give your users fewer passwords to remember, and your IT department greater security. Epicor CPQ accepts authentication requests through Azure Active Directory, which connects to many different identity providers and protocols, like SAML and OpenID.

User Experience

After the SSO sign up is complete, users can authenticate using a new SSO Sign-in link on the login page.


Clicking "Sign-in without Azure AD" shows the standard login page.

Prerequisites

To connect Epicor CPQ to Azure Active Directory, you need the following:

  1. An Azure Active Directory account. This account can be connected with your identity provider, and supports most of the common protocols including SAML and OpenID.
  2. A user who has Company Administrator access to both the Azure Active Directory and the Epicor CPQ portal.

Setting up Epicor CPQ to connect to Azure AD

To start, navigate to Settings > Integrations in the Epicor CPQ Admin Portal.

Check "Enable SSO." In the Tenant ID field, enter the GUID Directory ID. You can find it in your Azure Active Directory portal, on the Properties screen.

Alternatively, you can use the "friendly" directory ID (e.g. yourcompany.onmicrosoft.com). Be aware that if you change this friendly name at any time in your Azure Active Directory portal, you may need to revisit this page and integrate again.
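To catch a friendly-name change before it breaks sign-in, you can record the GUID at setup and compare it with the tenant's public OpenID Connect metadata. The following is an added example, not Epicor or Microsoft code; it assumes the Azure AD global-cloud metadata endpoint, and the function names and sample GUID are constructed for illustration.

```python
import json
import re
import uuid

# Azure AD global-cloud OpenID Connect metadata URL (sovereign clouds differ).
DISCOVERY = "https://login.microsoftonline.com/{t}/v2.0/.well-known/openid-configuration"
DOMAIN_RE = re.compile(r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$", re.I)
ISSUER_RE = re.compile(r"https://login\.microsoftonline\.com/([0-9a-fA-F-]{36})/v2\.0")

# Constructed sample of the metadata returned for a tenant (GUID is a placeholder).
SAMPLE_METADATA = json.dumps({
    "issuer": "https://login.microsoftonline.com/11111111-2222-3333-4444-555555555555/v2.0",
    "authorization_endpoint": "https://login.microsoftonline.com/"
                              "11111111-2222-3333-4444-555555555555/oauth2/v2.0/authorize",
})


def classify_tenant(value):
    """Return ('guid', canonical GUID) or ('domain', lowercased name); else raise."""
    value = value.strip()
    try:
        return "guid", str(uuid.UUID(value))
    except ValueError:
        pass
    if DOMAIN_RE.match(value):
        return "domain", value.lower()
    raise ValueError(f"not a directory GUID or domain name: {value!r}")


def discovery_url(value):
    """Metadata URL to fetch for whatever was typed into the Tenant ID field."""
    return DISCOVERY.format(t=classify_tenant(value)[1])


def tenant_guid_from_metadata(metadata_json):
    """Pull the directory GUID out of the 'issuer' field of a metadata document."""
    match = ISSUER_RE.fullmatch(json.loads(metadata_json)["issuer"])
    if not match:
        raise ValueError("issuer is not a single-tenant Azure AD v2.0 issuer")
    return str(uuid.UUID(match.group(1)))


def friendly_name_still_valid(recorded_guid, metadata_json):
    """True if metadata fetched via the friendly name still names the recorded GUID."""
    return tenant_guid_from_metadata(metadata_json) == classify_tenant(recorded_guid)[1]
```

Fetch the URL returned by `discovery_url()` with any HTTP client and pass the response body to `friendly_name_still_valid()`; a failed fetch or a `False` result means the Tenant ID setting needs to be revisited.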


Click "Sign Up" and you will be directed to a page to enter your credentials for your Azure Active Directory. You will then need to grant permissions.

After the connection has been made, you should see a grid further down the page that lets you map your Azure AD groups to Epicor CPQ roles. Once the groups are mapped, users who log into the Epicor CPQ portal via SSO are automatically given the roles that match their groups.

If you do not see available directory groups to map, try logging out of Epicor CPQ, and then use the SSO Sign-in link on the login page to sign in again.



See Also: Troubleshooting SSO Access
