NOTE: if you are using ADFS, see this article: https://recognize.zendesk.com/hc/en-us/articles/226678267-Setting-up-single-sign-on-using-Active-Directory-with-ADFS-and-SAML
In order to setup SSO with Recognize and your Azure Active Directory, you will need to set up an application Azure Active Directory. Please follow the instructions here: https://blogs.technet.microsoft.com/enterprisemobility/2015/06/17/bring-your-own-app-with-azure-ad-self-service-saml-configuration-now-in-preview/
1. Select "Microsoft Azure AD Single Sign-On"
2. Enter identifier and reply url.
Identifier and reply url are found in the Recognize Company Admin > Settings > SSO settings section. Identifier is also known as the "Service Provider Metadata Url". Reply url is also known as the ACS (Consumer) Url.
3. Download the certificate in Base64 format
4. Copy the settings into the Recognize SSO Advanced configuration
IDP Entity ID - use the Issuer URL
SSO Target URL - use the Single Sign On Service Url
SLO Target URL - use the Single Sign out Service Url
Name Identifier - Most common configurations leave this alone
Certificate - You will need to open the base 64 certificate you downloaded in step 3 in a text editor and copy and paste the entire contents of the file including the "BEGIN CERTIFICATE" and "END CERTIFICATE" lines.
5. Back in Azure AD, click "Confirm that have you configured Single Sign On..." and submit the form to save your SSO configuration.
Setup is now complete!
Test your configuration by visiting the following url in a different or incognito/private browser: https://recognizeapp.com/<recognize-tenant-domain>/saml/sso