Read supports a number of different options for configuring single sign-on using SAML, only available to Enterprise+ subscribers. This page explains the step by step process for setting up SAML authentication with Microsoft Entra. See How to: Setup SAML Authentication with Read AI for a list of other supported SAML providers.
1. Request an ACS URL and Entity ID
Start by sending an email to support@read.ai with the subject "MICROSOFT SAML REQUEST: <Your company name>", from your Read.ai account affiliated email asking for the ACS url for your workspace. We will reply back with the following information:
-
Entity ID:
https://api.read.ai
-
ACS URL:
https://api.read.ai/saml/acs?cid={YOUR_CID}
2. Create your Enterprise Application
In this step you will set up a new application in Microsoft Entra for Read:
-
Sign in to the Microsoft Entra admin center as at least a Cloud Application Administrator.
-
Browse to Identity > Applications > Enterprise applications.
-
Select New application and then Create your own application.
-
Add a name for the app. For example, “Read AI SAML”.
-
Select the Integrate any other application you don't find in the gallery (Non-gallery) option
-
Finally, select Create.
3. Connect Read to your Enterprise Application
In this step, you will start to configure your application and send some key information back to Read Support:
-
Navigate to the Enterprise Application you just created and click on Single sign-on in the left hand menu.
-
Select the SAML option and configure as following.
-
Add an Entity ID of
https://api.read.ai
-
Add the ACS URL you recieved from support@read.ai. It will look like
https://api.read.ai/saml/acs?cid={YOUR_CID}
-
Ensure the Attributes & Claims are as shown:
-
Send your Login URL, Microsoft Entra Identifier, and Certificate (Base64) to support@read.ai
4. Complete your setup after receiving confirmation from Read Support
Once support@read.ai has received your Login URL, Microsoft Entra Identifier, and Certificate (Base64) a confirmation email will be sent indicating that you can complete the SAML setup.
Please add a user to the app and run a test. Please contact support if any unexpected errors appear.
5. [Optional] Have Read disable other login methods
As an optional final step, if you would like to restrict your users to only logging in via SAML, please let us know at support@read.ai and we will configure this for your workspace. If this is enabled, users who try to log in to Read normally will be automatically redirected to your SAML login flow.