Integrating Microsoft Azure Active Directory (Azure AD / Microsoft Entra ID) with the Wellness360 platform enables Single Sign-On (SSO) for your users. This allows employees to securely access Wellness360 using their existing organizational credentials without needing separate login details.
With SSO enabled, organizations benefit from:
Seamless user login experience
Improved security and access control
Reduced password management overhead
Follow the steps below to configure SSO between Microsoft Azure AD and Wellness360.
Configure Wellness360 in Microsoft Azure AD
Note: You must have Microsoft Azure AD Administrator access to complete these steps.
To begin the integration, you must first create and configure the Wellness360 application inside your Microsoft Azure portal.
Step 1: Open Microsoft Entra ID
Log in to the Microsoft Azure Portal and navigate to the Microsoft Entra ID tab.
Step 2: Add a New Enterprise Application
Click on the + Add drop-down at the top of the panel and select Enterprise application.
This will allow you to create a new application that can be used for SSO configuration.
Step 3: Create the Wellness360 Application
Click on Create your own application from the top-left corner of the page.
In the setup window:
Enter a name for your application
Select Integrate any other application you don’t find in the gallery (Non-gallery)
Then click Create.
Once the application is created, Azure will take you to the Overview page, where you can begin configuring SSO settings.
Step 4: Set Up Single Sign-On
On the Overview page, under the Getting Started section, click Set up Single Sign-On.
You will then be asked to select a single sign-on method. Choose SAML to proceed.
This will open the Set Up Single Sign-On with SAML page, where you can enter the required Wellness360 SSO details.
Step 5: Configure Basic SAML Settings
In the Basic SAML Configuration section, click the Edit icon and enter the following values:
Identifier (Entity ID): Enter the “Entity ID” of the Wellness360 user portal:
https://api-v2.livewellness360.com/api/v1/users/saml/metadata/(companyID)
(Note: Please contact the support of Wellness360 for the company ID which need to be added at the end)Reply URL (Assertion Consumer Service URL): Enter the ACS URL below:
https://api-v2.livewellness360.com/api/v1/users/auth/sso/callback
Once both fields have been entered, click Save.
Step 6. Review User Attributes and Claims
After saving the Basic SAML Configuration, navigate to the User Attributes & Claims section.
By default, Azure uses User Principal Name (UPN) as the unique identifier for users. If your organization uses UPN as the login identifier for SSO, you do not need to make any changes in this section.
How this Works?
Azure sends a set of default claims as part of the SAML response
The Unique User Identifier is used to identify the user during login, while the remaining claims are used to populate user-related information in Wellness360
If a different identifier is needed, update this claim accordingly and replace
user.userprincipalnamein the additional claims with your chosen unique attribute.
Note: By default, Wellness360 uses the user’s email address as the unique identifier. If your organization plans to use a different identifier, that value must be updated accordingly in both Azure AD and Wellness360 during configuration.
Step 7: Download the Federation Metadata XML
Once the claims section has been reviewed, move to the SAML Signing Certificate section.
Download the Federation Metadata XML file. This metadata file contains the Azure AD SSO configuration details required by Wellness360 to establish the connection.
To download it:
In the SAML Signing Certificate section
Click Download next to Federation Metadata XML
Save this file to your device. You will upload it later in the Wellness360 Admin Portal.
Add Azure AD Configuration into the Wellness360 Admin Portal
Note: Only the wellness program administrator will be able to perform the steps discussed below.
After configuring the application in Azure AD, the next step is to add the Azure SSO details into the Wellness360 Admin Portal.
Step 1: Open SSO Settings in Wellness360
Log in to your Wellness360 portal admin account. From the left-side menu, click on Settings.
Then navigate to: SSO/SAML → Azure
Step 2: Enter the Required SSO Details
Click Modify Settings in the top-right corner of the page.
Enter the required details in the corresponding fields:
Entity ID
Identifier (IDP) – optional, based on your setup
SP URL (ACS URL)
IDP Metadata File – upload the .xml file downloaded from Azure.
Once all details have been entered, click Save Configuration.
Assign Users and Groups in Microsoft Azure AD
After the Azure application and Wellness360 portal have both been configured, you must assign users or groups to the application in Azure AD. Only assigned users will be able to access Wellness360 using SSO.
Step 1: Open the Enterprise Application
In the Microsoft Azure portal, go to: Microsoft Entra ID → Enterprise Applications → All Applications . Then select the Wellness360 application you created earlier.
Step 2: Assign Users and Groups
Under the Getting Started section, click Assign users and groups.
Then:
Click + Add user
Select Users and groups .You will now see a list of available users and groups in your Azure environment.
From here, you can:
Select existing users or groups to assign to the application
Or invite and add new users, if needed
Once users are assigned, they will be eligible to log in to Wellness360 using the Azure SSO configuration.
Test and Enable SSO
Once all configuration steps have been completed in both Azure AD and Wellness360, save all settings.
You can then test the SSO setup from Microsoft Azure AD to verify that the integration is working as expected.
A successful test confirms that:
Azure AD is able to authenticate the user
The correct SAML response is being sent
Wellness360 is able to recognize and log in the user successfully
It is recommended to test the integration with a sample assigned user before rolling it out to all employees.
After the Integration
Once the setup is complete and SSO is enabled successfully:
Users will be able to access Wellness360 using their organization login credentials
Password management becomes easier since users do not need a separate Wellness360 password
User access can be managed centrally through Microsoft Azure AD
This creates a more secure and streamlined login experience for both administrators and end users.
Need help?
If the issue continues, please contact our Support team at [email protected]. We’ll be happy to assist you and ensure everything is working as expected.