A technical guide for administrators on how to set up Entra ID as an Identity Provider to be used with PebblePad via Shibboleth as a Service Provider.
About Entra ID
Using Security Assertion Markup Language (SAML), a user can use their Active Directory credentials to log in to PebblePad via Single Sign-On (SSO).
An Identity and Access Management (IAM) service provides administrators with a single location to manage all users and cloud applications, and your users with a unified sign-on.
The benefit is not having to manage individual user IDs and passwords tied to individual cloud applications for each of your users.
Installation
Installation is not self-serve. To initiate, request support from a PebblePad Integration engineer.
Our procedure is to first use TAQAS and the test Shibboleth server (shibtest.pebblepad.com). Once the integration is confirmed to work, we provide you with our production metadata and Entity ID.
We recommend using a test user to check the authentication between Shibboleth and Azure AD. If you have an existing account, use this. If not, please create one.
To set up:
- In the Azure portal, open the Enterprise application service.
- Choose Create your own application and title it PebblePad.
- Choose Integrate any other application you don't find in the gallery (Non-gallery) and click Create.
- From Assign users and groups, assign the users who will test the service.
- Click Set up single sign on and choose SAML.
- Download the PebblePad Test metadata xml.
- Click Upload metadata file, choose the metadata file from your device, and Add.
- The Entity ID, Reply URL and Logout URL will be pre-filled.
- Set the Sign on URL to the value provided by PebblePad Support.
- Save the configuration.
The Attributes and Claims section can use the default values, unless instructed otherwise. The claim name consists of the namespace up to, but not including, the final /, followed by a / and the name of the attribute, as in the defaults below:
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
- http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
The Name ID field that provides the username to PebblePad may need to be adjusted if it does not match the value from other systems being integrated. PebblePad Support will confirm this.
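When checking a test user's login, it helps to inspect the assertion Entra ID actually sent and confirm that the Name ID and the four default claims above arrived. The following is an added example, not PebblePad's or Shibboleth's code; the assertion it parses is a constructed, unsigned sample (signature validation is the Service Provider's job and is not repeated here), and the tenant ID in the Issuer is a placeholder.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
CLAIMS_NS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims"
# The four default claims listed in the guide, by attribute name.
REQUIRED = ["givenname", "surname", "emailaddress", "name"]

def claim_name(namespace, attribute):
    """Full claim name: namespace (without its trailing '/') + '/' + attribute name."""
    return namespace.rstrip("/") + "/" + attribute

def parse_assertion(xml_text):
    """Return (NameID, {claim name: [values]}) from a SAML 2.0 Assertion or a Response wrapping one.
    Signature checking is left to the SP (Shibboleth); this only reports what arrived."""
    root = ET.fromstring(xml_text)
    tag = "{%s}Assertion" % SAML_NS["saml"]
    assertion = root if root.tag == tag else root.find(".//saml:Assertion", SAML_NS)
    if assertion is None:
        raise ValueError("no SAML assertion found")
    nid = assertion.find("saml:Subject/saml:NameID", SAML_NS)
    name_id = nid.text.strip() if nid is not None and nid.text else None
    claims = {}
    for attr in assertion.findall("saml:AttributeStatement/saml:Attribute", SAML_NS):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", SAML_NS)]
        claims[attr.get("Name")] = values
    return name_id, claims

def missing_claims(claims):
    """Attribute names of required claims that are absent or carry only empty values."""
    return [a for a in REQUIRED if not any(claims.get(claim_name(CLAIMS_NS, a), []))]

# Constructed sample: a minimal, unsigned assertion shaped like Entra ID's default claim set.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_example" Version="2.0" IssueInstant="2024-01-01T00:00:00Z">
  <saml:Issuer>https://sts.windows.net/TENANT-ID-PLACEHOLDER/</saml:Issuer>
  <saml:Subject><saml:NameID>jdoe@example.edu</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
      <saml:AttributeValue>Jane</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
      <saml:AttributeValue>Doe</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
      <saml:AttributeValue>jdoe@example.edu</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
      <saml:AttributeValue>jdoe@example.edu</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

if __name__ == "__main__":
    name_id, claims = parse_assertion(SAMPLE_ASSERTION)
    print("NameID:", name_id, "| missing claims:", missing_claims(claims) or "none")
```

If the printed NameID differs from the username other integrated systems use, that is the mismatch PebblePad Support will ask you to adjust in the Name ID field.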
Copy the App Federation Metadata Url and send this to PebblePad Support to complete the setup.