SSO with Microsoft Entra
Microsoft Entra is a tested integration and supports most SSO features that Exceed Cast offers.
☑ Single Sign On is supported using the SAML 2.0 or OAuth protocol.
It is recommend that most organizations setup the OAuth integration as it is easy to configure and highly tested.
You may also configure Microsoft Entra as a SAML 2.0 provider if you require Single Log Out, advanced user control, or user provisioning features.
Setup Microsoft Entra OAuth
Assign to domain
Exceed Cast automatically configures SSO with Microsoft Entra using OAuth. If your organization uses Microsoft Entra for identity, navigate to the SSO Providers page, and assign your domain to Microsoft OAuth. Your users are now able to use Microsoft Entra to sign in to Exceed Cast.
Provide admin consent
The first time a user signs into Exceed Cast, they will prompted by Microsoft for consent to share their user data. As the Microsoft Entra administrator, you can provide Admin Consent, which will skip this process for your users. This will result in a faster, simpler, SSO process with Entra.
To configure Admin Consent, log out of your Exceed Cast account after configuring Microsoft OAuth. On the sign in page, click the Microsoft button. On the Consent screen from Microsoft, check the Consent on behalf of your organization box, then click Accept. You have now provided Admin Consent.
The next user to sign in will not be prompted by Microsoft for consent, and will be directly signed in.
Setup Microsoft Entra SAML
Start in Exceed Cast
First, navigate to Organization then SSO Providers in Exceed Cast. Click Add provider.
Select SAML via metadata URL (recommended) from the available type options and click Continue.
On the new provider page, click the download file icon on the option labeled SP Metadata URL.
Leave this page open while you configure the next steps in Entra. Information on this page will be needed by Entra to complete the integration.
Create app in Entra
Log in to your Microsoft Entra Admin portal. Under Applications, select Enterprise applications.
Click New application, then click Create your own application.
Enter a name for this application such as Exceed Cast and select Integrate any other application you don't find in the gallery (Non-gallery), then click Create.
On the new application screen, choose Single sign-on from the options on the left sidebar.
Select the option to use SAML as the single sign-on method.
Then, click the Upload metadata file option from the top menu. When prompted, upload the file you downloaded from Exceed Cast in the previous step.
Once the file is uploaded, a new window will appear. Accept all the pre-filled values on the Basic SAML Configuration window, and click Save. Once the changes have been saved, close the popup.
Send user attributes
Next, find the section labeled Attributes and claims and choose the Edit option. Delete all the attributes in the Additional claims section. Then, click Add new claim.
On the new claim page, enter displayName for the Name. Source should be set to Attribute. Source attribute should be set to user.displayname. Click Save.
After saving the new claim, your claims page should look similar to the one below:
Use the breadcrumbs at the top of the page to navigate back to the main app page.
Complete integration
Assign users to the application as you normally would in Entra.
Back on the Entra Single sign-on page, copy the value listed for App Federation Metadata Url.
Go to the Exceed Cast setup page you opened earlier.
Enter a name for this provider, for example Entra SAML, into the Name field.
Paste the URL from Entra into the IDP Metadata URL field and click Save.
Exceed Cast will then communicate with Entra to retrieve the remaining settings. Integration has completed when you are redirected back to the SSO providers list with a success message.
You can then edit the newly added Entra provider to assign your verified domains. Once your domains are assigned, all non-administrative users will be redirected to sign in via Microsoft Entra.
You should now test your integration using an Incognito or Private browsing window. Once you provide your email address, click the Sign in using organization SSO button to continue to Entra.
Exceed Cast and Exceed Technologies are not affiliated with Microsoft, beyond being members of the Microsoft Partner program. Entra and Microsoft Entra are trademarks of Microsoft Corporation.