Deep-dive on the Next Gen Platform. Join the Webinar!

Skip Navigation
Show nav
Dev Center
  • Get Started
  • Documentation
  • Changelog
  • Search
  • Get Started
    • Node.js
    • Ruby on Rails
    • Ruby
    • Python
    • Java
    • PHP
    • Go
    • Scala
    • Clojure
    • .NET
  • Documentation
  • Changelog
  • More
    Additional Resources
    • Home
    • Elements
    • Products
    • Pricing
    • Careers
    • Help
    • Status
    • Events
    • Podcasts
    • Compliance Center
    Heroku Blog

    Heroku Blog

    Find out what's new with Heroku on our blog.

    Visit Blog
  • Log inorSign up
Hide categories

Categories

  • Heroku Architecture
    • Compute (Dynos)
      • Dyno Management
      • Dyno Concepts
      • Dyno Behavior
      • Dyno Reference
      • Dyno Troubleshooting
    • Stacks (operating system images)
    • Networking & DNS
    • Platform Policies
    • Platform Principles
  • Developer Tools
    • Command Line
    • Heroku VS Code Extension
  • Deployment
    • Deploying with Git
    • Deploying with Docker
    • Deployment Integrations
  • Continuous Delivery & Integration (Heroku Flow)
    • Continuous Integration
  • Language Support
    • Node.js
      • Working with Node.js
      • Troubleshooting Node.js Apps
      • Node.js Behavior in Heroku
    • Ruby
      • Rails Support
      • Working with Bundler
      • Working with Ruby
      • Ruby Behavior in Heroku
      • Troubleshooting Ruby Apps
    • Python
      • Working with Python
      • Background Jobs in Python
      • Python Behavior in Heroku
      • Working with Django
    • Java
      • Java Behavior in Heroku
      • Working with Java
      • Working with Maven
      • Working with Spring Boot
      • Troubleshooting Java Apps
    • PHP
      • PHP Behavior in Heroku
      • Working with PHP
    • Go
      • Go Dependency Management
    • Scala
    • Clojure
    • .NET
      • Working with .NET
  • Databases & Data Management
    • Heroku Postgres
      • Postgres Basics
      • Postgres Getting Started
      • Postgres Performance
      • Postgres Data Transfer & Preservation
      • Postgres Availability
      • Postgres Special Topics
      • Migrating to Heroku Postgres
    • Heroku Key-Value Store
    • Apache Kafka on Heroku
    • Other Data Stores
  • AI
    • Working with AI
  • Monitoring & Metrics
    • Logging
  • App Performance
  • Add-ons
    • All Add-ons
  • Collaboration
  • Security
    • App Security
    • Identities & Authentication
      • Single Sign-on (SSO)
    • Private Spaces
      • Infrastructure Networking
    • Compliance
  • Heroku Enterprise
    • Enterprise Accounts
    • Enterprise Teams
    • Heroku Connect (Salesforce sync)
      • Heroku Connect Administration
      • Heroku Connect Reference
      • Heroku Connect Troubleshooting
  • Patterns & Best Practices
  • Extending Heroku
    • Platform API
    • App Webhooks
    • Heroku Labs
    • Building Add-ons
      • Add-on Development Tasks
      • Add-on APIs
      • Add-on Guidelines & Requirements
    • Building CLI Plugins
    • Developing Buildpacks
    • Dev Center
  • Accounts & Billing
  • Troubleshooting & Support
  • Integrating with Salesforce
  • Security
  • Identities & Authentication
  • Single Sign-on (SSO)
  • Set Up Azure Active Directory Identity SSO with Heroku

Set Up Azure Active Directory Identity SSO with Heroku

English — 日本語に切り替える

Last updated March 20, 2024

Table of Contents

  • Step 1: Set Up the Identity Provider “IdP” Side (Azure Active Directory)
  • Step 2: Set Up the Service Provider Side (Heroku)

SSO is available only for Heroku Teams and Heroku Enterprise customers.

Azure AD can serve as the identity provider, or “IdP,” for Active Directory (AD) to provide single-sign-on (SSO) user login to Heroku.

Heroku supports SSO via SAML, a standard in wide use by enterprises and companies to provide authentication services to products that otherwise require separate accounts and logins.

Setting up Active Directory to use SSO for Heroku takes about 15 minutes. There are two main steps involving the Azure and Heroku web interfaces.

Step 1: Set Up the Identity Provider “IdP” Side (Azure Active Directory)

As an admin, log into your Azure Portal, browse to Active Directory, and select the directory to enable with SSO for Heroku.

Create and Configure a SAML Application for Your Directory

  1. Go to Applications.
  2. Select Add from the footer menu.
  3. Choose Add an application my organization is developing.
  4. Give your application a name and select Web application and/or Web App.
  5. Enter your app properties with the information provided in your team or account’s Settings page for SSO configuration: a. Sign-on URL: provide “Heroku Login URL” b. App ID URI: provide your “ACS URL”
  6. After adding your app, go to Enable users to sign on.
  7. Copy the “FEDERATED METADATA DOCUMENT URL” and paste the URL into a new browser window. Save the file to your local machine. You need this document later, so store it in a place that you remember. Azure App successfully added

Step 2: Set Up the Service Provider Side (Heroku)

  1. In the Heroku web interface, select the team or account.
  2. In the Settings tab, upload the federation metadata document XML file. Heroku SSO Settings Dashboard

Congratulations! SSO is now enabled for your Active Directory users through Azure IdP. Heroku users can now log in using Azure credentials at the “Heroku Login URL” you configured.

Keep reading

  • Single Sign-on (SSO)

Feedback

Log in to submit feedback.

Using Single Sign-on (SSO) Services with Heroku, for End Users Set Up Salesforce Identity SSO with Heroku

Information & Support

  • Getting Started
  • Documentation
  • Changelog
  • Compliance Center
  • Training & Education
  • Blog
  • Support Channels
  • Status

Language Reference

  • Node.js
  • Ruby
  • Java
  • PHP
  • Python
  • Go
  • Scala
  • Clojure
  • .NET

Other Resources

  • Careers
  • Elements
  • Products
  • Pricing
  • RSS
    • Dev Center Articles
    • Dev Center Changelog
    • Heroku Blog
    • Heroku News Blog
    • Heroku Engineering Blog
  • Twitter
    • Dev Center Articles
    • Dev Center Changelog
    • Heroku
    • Heroku Status
  • Github
  • LinkedIn
  • © 2025 Salesforce, Inc. All rights reserved. Various trademarks held by their respective owners. Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, United States
  • heroku.com
  • Legal
  • Terms of Service
  • Privacy Information
  • Responsible Disclosure
  • Trust
  • Contact
  • Cookie Preferences
  • Your Privacy Choices