Skip to main content
This guide walks you through configuring Microsoft Entra ID as the primary Identity Provider for the ngrok Dashboard. By integrating Microsoft Entra ID with ngrok, you can:
  • Restrict access to the ngrok Dashboard to only users authenticated via Microsoft Entra ID
  • Use Microsoft Entra ID’s dashboard to facilitate access to the ngrok app

What you’ll need

  • An ngrok account with administrative rights to modify account settings.
  • An ngrok Enterprise account with access to configure SAML SSO.

1. Configure Microsoft Entra ID

Create the ngrok app in Microsoft Entra ID

  • Access your Microsoft Entra ID dashboard as an administrator.
  • Click Enterprise Applications.
  • Click New application > Create your own application.
  • Provide a name for the app (for example, ngrok Dashboard) and choose the Non-gallery option and click Create.
  • Select Single sign-on, and then choose SAML.
  • Enter temporary values for Identifier and Reply URL and set Unique User Identifier to user.mail:
    • Identifier (Entity ID): https://temporary
    • Reply URL (Assertion Consumer Service URL): https://temporary
    • Unique User Identifier: user.mail
NoteThis value can differ based on setup. It is required that this user property value is an email address.

Download the IdP metadata

From the Single sign-on section on the ngrok Dashboard app, click the Download option for Federation Metadata XML and download the metadata XML.

Grant access to users and groups

Microsoft Entra ID allows administrators to restrict access to SSO apps such as the ngrok Dashboard via assignments. By default, apps created in Microsoft Entra ID have no assignments; nobody can use Microsoft Entra ID SSO to access the ngrok Dashboard until you assign them to the app. To assign users and groups to the ngrok Dashboard app:
  • Navigate to Users and groups in the application.
  • Use the Add user/group button to associate groups and users with the ngrok app. To test SSO with ngrok, make sure you’re assigned to the app.

2. Configure ngrok

ngrok dashboard SSO

To configure ngrok Dashboard SSO with Microsoft Entra ID:
  • Go to the ngrok Dashboard.
  • Click Settings > Account.
  • In the Single Sign-On (SSO) section, click New Identity Provider > New SAML Provider.
  • On the SAML Provider settings, provide a Description and click Upload XML.
  • Select your metadata file saved from the steps above and click Save.
  • After you save, the SP Metadata will appear. Copy these values into the Microsoft Entra ID ngrok Dashboard app Single sign-on settings where temporary values were placed above.
  • Save the changes in Microsoft Entra ID.

3. Test the integration

  • Navigate to the Microsoft Entra ID ngrok Dashboard app Single sign-on settings.
  • Scroll to the bottom of the settings and click Test > Test sign in.
  • You should be redirected to the ngrok Dashboard.
    • If the current user is not a member of the ngrok account and JIT is enabled, the user will be prompted to join.
    • If the current user is already a member, they will be successfully authenticated into the ngrok Dashboard.