Search Results :

×

Hubspot Single Sign-On (SSO) using Azure AD as Identity Provider

Hubspot Single Sign-On (SSO) using Azure AD as Identity Provider


miniOrange Hubspot OAuth Single Sign-On (SSO) application enables secure login into Hubspot CMS landing pages, blogs and other pages using Azure AD as OAuth provider. It supports advanced Single Sign-On (SSO) features such as user profile Attribute mapping, etc.

Here we will go through a guide to configure SSO between Hubspot and Azure AD. By the end of this guide, users should be able to login to Hubspot from Azure AD. To know more about miniOrange Hubspot OAuth Single Sign-On and other Hubspot Integrations, you can click here.

Feel free to contact us at hubspotsupport@xecurify.com to know more about how to install the miniOrange Hubspot OAuth Single Sign-On app.


Download And Installation

  • Log into your Hubspot account as an admin.
  • Click here to install miniOrange Hubspot OAuth Single Sign-On (SSO) app.

Steps to configure Hubspot Single Sign-On (SSO) Login with Azure AD as Identity Provider

1. Setup Azure AD as OAuth Provider

  • Sign in to Azure portal.
  • Select Azure Active Directory.
  • Azure AD Single Sign-on (SSO) - Login
  • In the left-hand navigation pane, click the App registrations service, and click New registration.
  • Azure AD Single Sign-on (SSO) - App-Registration
  • When the Create page appears, enter your application's registration information.(Refer to the below table)
    • Name : Name of your application.
      Application type :
      1. Select "Web app / API" for client applications and resource/API applications that are installed on a secure server. This setting is used for OAuth confidential web clients and public user-agent-based clients. The same application can also expose both a client and resource/API.
      Redirect URI :
      1. For "Web app / API" applications, provide the base URL of your app. eg, https://<domain-name> might be the URL for a web app running on your local machine. Users would use this URL to sign in to a web client application.
  • When finished, click Register.
  • Azure AD Single Sign-on (SSO) - Overview
  • Azure AD assigns a unique Application ID to your application. The Application ID is your Client ID and the Directory ID is your Tenant ID, keep these values handy as you will need them to configure the miniOrange Single Sign-On (SSO) app.
  • Azure AD Single Sign-on (SSO) - Overview
  • Go to Certificates and Secrets from the left navigaton panel and click on New Client Secret. Enter description and expiration time and click on ADD option.
  • Azure AD Single Sign-on (SSO) - secret-Key
  • Copy the secret key "value" and keep the value handy it will be required later to configure Client Secret under the miniOrange Single Sign-On (SSO) app.
  • Azure AD Single Sign-on (SSO) - Secret-Key-2


2. Setup Hubspot as OAuth Client

  • Install the miniOrange Single Sign-On (SSO) app on your hubspot account and Click on Connect App.
  • Enable Hubspot Single Sign-On(SSO)  Login using Azure AD as Identity Provider
  • You will see the following screen where you need to fill in the Client ID, Client Secret scope and the Endpoint URLs in the (Refer to the below table). Also enable the Send in Header parameter option.

    Client ID Click Here
    Client Secret Click Here
    Scope openid
    Authorize Endpoint: https://login.microsoftonline.com/<tenant-id>/oauth2/authorize
    Access Token Endpoint: https://login.microsoftonline.com/<tenant-id>/oauth2/token
    Get User Info Endpoint: https://login.windows.net/<tenant-id>/openid/userinfo
  • Enable Hubspot Single Sign-On(SSO)  Login using Azure AD as Identity Provider
  • Click on Save button and then Test Configuration.
  • Enable Hubspot Single Sign-On(SSO) Login using Azure AD as Identity Provider
  • After successful login, you will see all the values returned by your Azure AD to Hubspot in a table.
  • Enable Hubspot Single Sign-On(SSO) Login using Azure AD as Identity Provider
   Enable Hubspot Single Sign-On(SSO) Login using Azure AD as Identity Provider

    Restrict public access to Hubspot website/ pages/ content (Landing Page or Blog)

  • Restricting access to your HubSpot website can help to protect your pages from unauthorized access. By restricting access, you can ensure that only authorized users can view and interact with your pages. This can be useful for protecting sensitive information. This will allow you to restrict access to your hubspot pages / content as visitors will be needed to login first and then they will be able to access the hubspot page. This will also help you to track your vistors and also generate potential leads.
  • Now go to you Hubspot dashboard and Click on CMS HUB Free -> Marketing ->Website and choose Website Page or Blog. We have chosen Website Pages for this tutorial.
  • Enable Hubspot Single Sign-On(SSO) Login using Azure AD as Identity Provider
  • Select the page on which you want to enable (Forced Authentication or SSO) and click the Edit button. Here we have seleceted and HomePage.
  • Enable Hubspot Single Sign-On(SSO) Login using Azure AD as Identity Provider
  • Goto Settings tab and scroll down to Advanced Settings. Copy the script that you see in Step 6 and paste it inside the HTML section of Advanced Settings and click Publish button.
  • Enable Hubspot Single Sign-On(SSO)  Login using Azure AD as Identity Provider
  • Now, if you go to the page in which you included the script, you will see the following screen and required to put in Login Credentials of your Identity Provider.
  • Enable Hubspot Single Sign-On(SSO)  Login using Azure AD as Identity Provider
  • Fill in the login credentials and click Login, you will be redirected to the website page successfully.
  • Enable Hubspot Single Sign-On(SSO)  Login using Azure AD as Identity Provider

    Congratulations! You have successfully integrated Azure AD with Hubspot to enable Azure AD users to see your Hubspot content.

Track your visitors (Contact Sync)

  • After a user logs in through the Single Sign-On feature, a contact will be created which includes his details that are received from the Azure AD (Identity Provider) for the particular user.

  • This can be very useful for generating leads, as it allows you to quickly and easily add new contacts to your HubSpot marketing and sales pipelines. By using contact sync, you can ensure that your HubSpot account is always up-to-date with the latest information about your leads and customers (site visitors), which can help you to more effectively target your marketing efforts and generate more qualified leads.
  • Hubspot Contacts Page

Additional Resources


Need Help?

Mail us on hubspotsupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.




Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com