Within Teamwork.com, you can integrate your account with Azure Active Directory and set up single sign-on (SSO).

Note: Teamwork.com’s SSO offering is part of the paid Advanced Security add-on which you can purchase in addition to your Teamwork.com subscription.

Using the integration with Microsoft Azure Active Directory (AD), you can:

  • Control who has access to Teamwork.com via Azure AD.
  • Enable your users to be automatically signed-in to Teamwork.com (single sign-on) with their Azure AD accounts.
  • Manage your accounts in one central location - the Azure portal.

To configure this integration, you will need:

  • An Azure AD subscription
  • A Teamwork.com subscription with SSO enabled 

Adding Teamwork.com to Azure

Go to your Azure account, open the MS Azure Management Portal and select Azure Active Directory from the left navigation menu.






In the AD section, select the Enterprise applications tab from the left pane.




Under Enterprise applications, go to All applications and click the New application button at the top of the page.




Scroll to the Add from the gallery section. Use the search box to find Teamwork, then select it from the list.




A quick view will open on the right of the screen with a summary about Teamwork.com. Click the blue Add button at the bottom of the pane.





Configuring Azure AD single sign-on


In the Teamwork.com application integrations page, select Single sign-on from the left navigation menu and choose SAML as the method.




In the SAML setup view, click the edit pencil to the right of the Basic SAML Configuration section (step 1).




Under Basic SAML Configuration, you will need to enter:

  • Identifier (Entity ID) - choose either the US or EU identifier URL based on where your Teamwork.com site is hosted:
    • US: https://{your teamwork site address}/
    • EU: https://{your eu teamwork site address}/
  • Reply URL ( Assertion Consumer Service URL ) - choose either the US or EU reply URL based on where your Teamwork.com site is hosted:
    • US: https://{your teamwork site address}/singlesignon/v1/saml/acs
    • EU: https://{your eu teamwork site address}/singlesignon/v1/saml/acs
  • Sign on URL - choose either the US or EU sign-on URL based on where your Teamwork.com site is hosted:
    • US: https://{your teamwork site address}
    • EU: https://{your teamwork site address}

Once you have entered the relevant details, click Save at the top of the page.


In the SAML setup view, go to SAML Signing Certificate (step 3) and click the Download option for Federation Metadata XML from the given options as per your requirements.




Under Set up Teamwork.com Projects (step 4), copy the appropriate URL(s) as per your requirements.

 



Configuring Teamwork.com single sign-on


Once your metadata XML file is created, please contact security@teamwork.com with the metadata file as an attachment, along with the relevant copied URL(s) from the Azure portal, to request that your account is updated to enable SSO.