Note: Single Sign-On is only available on our Enterprise plans. Users with System privilege can set up or manage Single Sing-On settings.

Cascade uses SAML 2.0 to securely authenticate and allow users to log in using Azure.

This guide is specific to Azure and assumes you already have an understanding of how our SSO solution works. If  you're looking for a different SSO provider than Azure or want to read our main SSO guide, click here.

Requirements & Assumptions

  • Active Azure AD Premium subscription (Required to configure federated single sign-on for a non-gallery application)


  • Register Cascade as a non-gallery application through the Azure portal
  • Use the configuration options from Azure to register Azure as an identity provider in Cascade.


  • On the Azure portal, navigate to the Azure AD > Enterprise Applications > All Applications.
  • Click on the 'New Application' button at the top of the page
  • Populate the 'Name' and click the 'Add' Button.
  • In the newly added application, navigate to the "Single sign-on" options section
  • Set 'Single Sign-on Mode' to "SAML-based Sign-on"
  • Click on the "Configure [Application Name]" element at the bottom of the page
  • From the configuration page, download the "SAML XML Metadata"
  • Follow this guide to register Azure as an identity provider in Cascade using the values contained in downloaded metadata.
  • Once Azure has been registered as an IDP in Cascade, populate the highlighted fields using the metadata generated from Cascade (Can be downloaded at https://{{subdomain}} - Note that user needs to have System privilege to download metadata from Cascade).

IMPORTANT: Ensure that the attribute mapping defined in "User Identifier" correctly matches the usernames of the users within Cascade.

Did this answer your question?