In this article, you'll receive a walkthrough of setting up a Device Magic organization for use in Microsoft Azure's Active Directory. To get started, please visit and log in. Then follow the steps outlined below. 

When logged in, select "Azure Active Directory".

Select "Enterprise applications".

Choose "+ New Application".

Select "Non-gallery application" and type a name for the application, ideally something like “Device Magic Forms”. Then, click "Add" at the bottom right.

Click "Azure Active Directory" in the left pane, then "App Registrations" and change the selection dropdown from "My apps" to "All apps". 

Click the application you created, then "Manifest". In the application manifest, add at least 1 role. 

The "value" should correspond to the name of an existing user role in your Device Magic organization. Using the example in the screenshot below, there should be a role in the Device Magic organization titled "Forms-Read-Only".

Click "Save" and go back to Azure Active Directory. Next, select "Enterprise Applications", then "All Applications", then the application you created, then "Users and groups".

You need to assign a user to the Device Magic application so they can log in. Also, assign one of the roles that you created in the previous step to the user.

Click the "Assign" button.

Now you need to configure the Single Sign On settings. Below "Users and groups", click "Single sign-on".

Text values from the above screenshot:


Under User Identifier, click “View and edit all other user attributes”.

In the section that opens, click on “Add attribute”

In the section that opens, enter the following values (do not paste the values) and click “OK”.

Name: roles

Value: user.assignedroles


Make sure the new attribute shows up and click “Save”

Make a note of your generated thumbprint.

Also, make a note of the three URLS here.

At this point, remember to save the settings.

Setting up SSO in your Device Magic organization

Click "Organization Settings" when logged in and then "SAML Settings".

Here you need to enter the 3 URLS and fingerprint that you made a note of earlier.

Save and then log out. Visit and select "Log in with SSO".

Input your six digit organization key found on your Dashboard.

If everything is setup correctly, you will get the Microsoft Sign in page where you can then log in using your SSO email and password.

Did this answer your question?