SAML Single Sign On Configuration - Entra ID (Azure AD)

Support > Server Guides

The instructions in this article are only applicable to MyWorkDrive installations using Active Directory for user identity. SAML SSO configuration is only required/supported when using Active Directory. Entra ID Installations use a native Microsoft login.

MyWorkDrive with Entra ID

Note: Entra ID is formerly known as Azure AD.

MyWorkDrive supports SAML-based web file manager Single Sign-On (SSO) to Entra ID instead of traditional Active Directory authentication for all necessary logins.

This article covers setting up Entra ID SSO with a public URL. If you wish to use an internal URL, you would want to deploy an Azure Application Gateway.

For SAML, MyWorkDrive acts as a Service Provider (SP) while the Entra ID acts as the identity provider (IDP). In a typical scenario, customers sync their Active Directory credentials to Entra ID. User logins are set to use the same UPN suffix to log in to Active Directory as they do in Entra ID (in most cases, this is the company's Office 365 Subscription).

Azure AD SAML MyWorkDrive Single Sign On

Configuration using these instructions will permit you to enable/apply conditional access policies for features in Entra, such as Pre-Auth and MFA, to this Enterprise Application.

</p> <h3 id="entra-id-saml-setup">Entra ID SAML Setup</h3> <p><strong><em>Before you start: Ensure the MyWorkDrive server is trusted for delegation as per our <a href="https://www.myworkdrive.com/support/delegation-setup-adfs-dfs-servers-active-directory/">Delegation Article</a>.</em></strong></p> <p>MyWorkDrive is listed as an approved enterprise application in the <a href="https://azuremarketplace.microsoft.com/marketplace/apps/aad.myworkdrive?tab=Overview">Azure Marketplace</a>.</p> <p>Review the instructions in Microsoft’s tutorial and information links <a href="https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/myworkdrive-tutorial">here</a>.</p> <h3 id="prerequisites">Prerequisites</h3> <ul> <li>Ensure users have a UPN suffix applied for the domain name to match Entra ID Login name so they can log in to your MyWorkDrive server with their email address (most companies sync their Active Directory to the same Entra ID directory that they use to log in to Office 365).</li> <li>Ensure the MyWorkDrive server is trusted for delegation as per our <a href="https://www.myworkdrive.com/support/delegation-setup-adfs-dfs-servers-active-directory/">Delegation Article</a>.</li> <li>Ensure your MyWorkDrive server is accessible on the internet for client login (web, mobile, mapped drive). Enable the Cloud Web Connector or <a href="https://www.myworkdrive.com/steps-bind-install-ssl-certificate-myworkdrive-client-site-iis/">set up</a> your own public SSL certificate and hostname pointing to your MyWorkDrive server over port 443 (SSL).</li> </ul> <h3 id="setup-steps">Setup Steps</h3> <ul> <li>Log in to portal.azure.com as an admin and connect to Entra ID Domain (if you are using Office 365, this is the same account you use to log in to portal.office.com).</li> <li>Click on Azure Active Directory.</li> <li>Click on Enterprise Applications.</li> <li>Click on New Application.</li> <li>Search for <em>MyWorkDrive</em>.</li> <li>Add MyWorkDrive as an Enterprise App.</li> </ul> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/AzureAdSaml1.png" /></p> <ul> <li>Click Single sign-on from the menu on the left and choose SAML (you will only need to choose SAML the first time you begin configuration).</li> </ul> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/1.chooseSSO.png" /></p> <ul> <li>Ignore the configuration guide presented at the top of the page. This is helpful when you are setting up an SSO from scratch, but it offers unnecessary steps when using the template we provide.</li> </ul> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/Ignore-confguration-guide.png" /></p> <ul> <li>Start by editing the information in box 1. Select <em>Edit</em>.</li> </ul> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/edit-box-1.png" /></p> <ul> <li> Accept the default Entity ID of <em>MyWorkDrive</em>. <ul> <li><strong>This only needs to be changed if you have multiple MyWorkDrive Servers set up in your Entra, as Entra ID requires each enterprise app to have a unique Entity ID. When changed, it must also be changed to match the Service Provider Name field of SSO setup in the MyWorkDrive admin panel. You will get an error about an Entity ID mismatch on user sign-in if they are not set correctly.</strong></li> </ul> </li> <li> Enter your reply URL <ul> <li>This will be your host name followed by /SAML/AssertionConsumerService.aspx (for example: https://myworkdrive.example.com/SAML/AssertionConsumerService.aspx).</li> <li>If you intend to support multiple domain names for the server, such as both a Cloud Web Connector and a Direct connection address, be sure to enter all of them as possible reply/response URLs.</li> </ul> </li> <li> Enter your sign-on URL if users will be logging on to MyWorkDrive directly (instead of or in addition to accessing through myapps.microsoft.com portal) with your host name followed by: /Account/login-saml (for example: https://myworkdrive.example.com/Account/login-saml). <ul> <li>Note that this is technically optional, as you can retain a traditional login while only providing SSO as an option, though most often you will want to set it up this way.</li> </ul> </li> <li> Single logout URL. <ul> <li>If you wish to use single logout, set your logout URL as https://myworkdrive.example.com/SAML/SLOService.aspx Note the additional information below about how AzureAD handles single logout.</li> </ul> </li> <li>Nothing needs to be entered in the Relay State field. Leave it blank.</li> </ul> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/basic-saml-information.png" /></p> <ul> <li>Next, make the new MyWorkDrive server available to users. Only those users who actually have permissions to shares via NTFS and as configured on share permissions in MyWorkDrive will be able to successfully log in, regardless of how you enable access here. </li> </ul> <p><strong><em>You have two options - Permit all OR manually select specific users.</em></strong></p> <ul> <li>To <strong><em>permit all</em></strong>, click Properties from the left menu, then set <em>User Assignment Required</em> to <em>No</em>.</li> <li>This is the most normal configuration as it avoids duplicate administration. Simply add users to AD and the appropriate groups. Assuming you're syncing your local AD to Entra, those users will be able to log in to the MyWorkDrive server and get the shares they are granted permission to as configured in MyWorkDrive without needing to assign them one by one to the Enterprise App.</li> </ul> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/user-assignment-no.png" /></p> <p><strong><em>Or to manually select users and groups</em></strong></p> <ul> <li>In the Azure Active Directory portal for the new MyWorkDrive App. Select users and groups from the left menu, then use the Add User/Group item at the top of the screen. </li> <li>Note <a href="https://docs.microsoft.com/en-us/azure/active-directory/hybrid/concept-azure-ad-connect-sync-user-and-contacts">Domain Users groups do not sync to Entra by default.</a> In most cases, if you are manually assigning users, you will be assigning by name.</li> </ul> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/add-user-manually.png" /></p> <ul> <li>In box 3, copy the App Federation Signing Certificate Metadata URL to the clipboard. </li> <li>No other changes are required in box 3; you do not need to edit, just copy the URL using the copy icon.</li> </ul> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/saml-step-3.png" /></p> <ul> <li>Ignore boxes 4, 5, and 6. Like the configuration instructions above, this is helpful if you are setting up an SSO from scratch - since these instructions use our template, actions in those boxes are not required.</li> </ul> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/Ignore-sections-4-5-6.png" /></p> <ul> <li> On the MyWorkDrive server in the admin panel, go to the <em>Enterprise</em> Section. <ul> <li>Enable SAML/ADFS SSO.</li> <li>Choose Entra ID (Azure AD) SAML</li> <li>Paste in the Azure App Federation Metadata URL you copied from box 3.</li> </ul> </li> <li> <strong><em>Optional items:</em></strong> <ul> <li>Click "Require SSO Login" (this will automatically redirect all connections to Entra ID SAML Login). <em>If you do not select Require SSO Login, users will log in when going to your MyWorkDrive server URL with their traditional domain login, and the Entra ID login will only be used when clicked as a link from the Office portal or MyApps.</em></li> <li>Select Enable Single Logout, see note below about how Logout is handled in AzureAD</li> <li>If you changed the Entity ID in Entra ID setup box 1, change the Service Provider name to match <em>exactly</em> what you entered in Entra ID Setup.</li> </ul> </li> <li>Click <em>Save</em>. This will automatically pull down the Entra SSL Certificate and settings for you.</li> </ul> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/Capture-1.png" /></p> <h3 id="test-access">Test Access</h3> <ul> <li>We suggest initially testing with the web browser before proceeding to test the other clients.</li> <li>You may wish to use a different browser from what you routinely use/are logged in to, OR private browsing mode, to validate the Entra ID login experience and any conditional access policies for MFA you may have applied.</li> <li>If you enabled Require SSO Login, browse to your server's Login URL, e.g., https://yourserver.company.com, and you will be redirected to Entra ID SAML to log in. <strong><em>If you did not enable Require SSO Login</em></strong>, you will need to specify the SAML Login URL e.g. https://yourserver.company.com/account/login-saml.m</li> <li>Login using Entra ID. After successful login, your test user will be redirected to your MyWorkDrive website, and their assigned file shares will be displayed.</li> <li><strong><em>Alternatively,</em></strong> if you are assigning users to the App in Entra ID, you may login as an assigned user to <a href="https://myapps.microsoft.com/">https://myapps.microsoft.com</a><a href="https://myapps.microsoft.com/">.</a> Select the MyWorkDrive application.</li> </ul> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/AzureAdSaml4-1.png" /></p> <p><strong><em>The user is automatically logged into your MyWorkDrive browser Web File Manager.</em></strong></p> <p>If, upon login, the user's shares are present but are blank when you click into them, that's an indication that Delegation is not set correctly. <a href="https://www.myworkdrive.com/support/delegation-setup-adfs-dfs-servers-active-directory/">Please refer to the Delegation setup article</a>. Note that changes to delegation can take 15 minutes or longer to propagate on AD. In cases of a large AD, several hours have been noted for delegation to fully propagate.</p> <p><strong><em>SSO Logins are fully compatible with all MyWorkDrive features, including:</em></strong></p> <ul> <li>All clients (Web, Mobile Web, Windows Map Drive, Mac Map Drive, iOS, Android, and Teams).</li> <li>The Cloud Web Connector.</li> <li>Editing in local Office from the web client.</li> <li>Places in mobile Office.</li> </ul> <h3 id="saml-logout">SAML Logout</h3> <p>Azure Active Directory doesn’t support SAML logout. SP-initiated SLO, where a SAML logout request is sent to Entra ID, doesn’t cause a logout response to be returned. Instead, Entra ID displays a message indicating the user is logged out and that the browser windows should be closed. Logout from Entra ID doesn’t cause a logout request to be sent to the service provider. Entra ID doesn’t support configuring a SAML logout service URL for the service provider.</p> <h3 id="troubleshooting">Troubleshooting</h3> <ul> <li>Ensure you are using a browser for testing in private or incognito mode to eliminate any caching issues.</li> <li>Double-check that the user is able to log in without SAML and that they are using an email address that matches their UPN in Active Directory.</li> <li> User receives the following error: <em>The signed in user <strong><strong><strong>@</strong></strong></strong>.com is not assigned a role for the application</em> <ul> <li>As per setup notes above: Assign a user or group they are a member of in the Azure Active Directory portal to the new MyWorkDrive App (Enterprise applications > All applications > MyWorkDrive > Single sign-on > SAML-based sign-on) > users and groups (or disable the user assignment required by setting it to no).</li> </ul> </li> <li>Folders are displaying as blank after logging in: Ensure the MyWorkDrive server is trusted for delegation as per our <a href="https://www.myworkdrive.com/support/delegation-setup-adfs-dfs-servers-active-directory/">Delegation Article</a></li> <li> User receives the following error: <em>The reply URL specified in the request does not match the reply URL's configured for the application</em> <ul> <li>Check to ensure the URL specified in Entra ID SAML matches the public web address of the server, and if reverse proxies are used, they are not rewriting the URL. </li> <li>Additionally, if you are using your own hostname - e.g., https://myworkdrive.example.com be sure to disable the MyWorkDrive Cloud Web Connect under settings on your MyWorkDrive server (when the Cloud Web Connector is enabled, we assume you're using our *.myworkdrive.net and make changes to the reply URL to accommodate it).</li> </ul> </li> <li>If you are receiving multiple MFA prompts during login, make sure you disable two-factor in MyWorkDrive Enterprise after enabling Require SSO. If you have an MFA requirement in Entra ID, that will be called as part of the login through Entra ID, and no settings are required in MyWorkDrive to enable it.</li> </ul> <h3 id="renewing-your-certificate">Renewing your certificate</h3> <p>The SSO certificate issued by Microsoft and used by MyWorkDrive to secure communications between Entra ID and your MyWorkDrive server periodically expires. The default is 3 years, but you can choose a lesser amount on creation.</p> <p>Then your certificate is due to expire, you'll receive an email with some general guidelines from Microsoft, but thanks to the integration work we've done to make Entra ID easier to deploy, it's actually easier than Microsoft describes.</p> <p><strong><em>The email you'll receive notes 5 steps.</em></strong></p> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/microsoft-azuread-update-warning.png" /></p> <p><strong><em>The two changes to the instructions are to:</em></strong></p> <ul> <li>Delete the old certificate from Entra/Azure</li> <li>Use MyWorkDrive to download the new certificate. There is no need to manually place the certificate.</li> </ul> <p><strong><em>After step 4</em></strong></p> <p>Delete your old certificate in AzureAD. You'll immediately be updating MyWorkDrive in the next step with the new one, so make the new one Active (if it isn't done automatically) and delete the old one as it is no longer necessary. On the <strong><em>old/inactive certificate</em></strong>, click on the 3-dot menu on the left edge of the certificate row and choose <em>Delete Certificate</em>.</p> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/microsoft-azuread-delete-old-cert.png" /></p> <p><strong><em>Instead of Step 5</em></strong></p> <p>Now, with only one cert showing on your MyWorkDrive Entra ID configuration, save the Entra ID Page, and then log in to the MyWorkDrive admin panel on the MyWorkDrive server and browse to the <em>Enterprise</em> tab.</p> <p>Confirm you have Entra ID Configured, and then just save the page.</p> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/microsoft-azuread-save.png" /></p> <p>MyWorkDrive will use the built-in Entra ID configuration to connect to your Entra ID and download and update the certificate. There is no need to manually place the new certificate on the file system or "Upload it to MyWorkDrive"; MyWorkDrive will take care of that for you.</p> <p>The SAML certificate may be stored in a number of locations, depending on your version of MyWorkDrive and whether you have Clustering enabled.</p> <p>Note that if you receive an error message about multiple public signing certificates, that is an indication that you failed to delete the old certificate from Entra ID. Please log back in to Azure/Entra and double-check that the new certificate was made active and the old certificate was deleted.</p> <p><img loading="lazy" class="img-fluid" style="max-width: 70%; height: auto; display: block; margin-left: auto; margin-right: auto" src="/content/2018/10/microsoft-azuread-error.png" /></p> </div> <hr class="my-5" /> <p class="lead"> We appreciate your feedback. If you have any questions, comments, or suggestions about this article please contact our support team at <a href="mailto:support@myworkdrive.com">support@myworkdrive.com</a>. </p> </div> </main> <aside class="col-md-2 bg-white pt-0 pb-4 px-3"> <div class="mb-4 sticky-sidebar"> <h6 class="fw-semibold mb-2" style="font-size:18px; line-height:30px; letter-spacing:0;"> <img src="/ui/img/pages/kb/on-this-page.svg" width="20" height="20" class="me-2" alt="Table of Contents" /> On This Page </h6> <div class="toc-scroll-content"> <ul class="list-unstyled" id="toc" style="padding-left: 0;"><li class='mb-2'><a class="d-flex align-items-center toc-style" style="line-height:26px; letter-spacing:0; text-decoration: none;" href='#myworkdrive-with-entra-id'>MyWorkDrive with Entra ID</a> </li> <li class='mb-2'><a class="d-flex align-items-center toc-style" style="line-height:26px; letter-spacing:0; text-decoration: none;" href='#entra-id-saml-setup'>Entra ID SAML Setup</a> </li> <li class='mb-2'><a class="d-flex align-items-center toc-style" style="line-height:26px; letter-spacing:0; text-decoration: none;" href='#prerequisites'>Prerequisites</a> </li> <li class='mb-2'><a class="d-flex align-items-center toc-style" style="line-height:26px; letter-spacing:0; text-decoration: none;" href='#setup-steps'>Setup Steps</a> </li> <li class='mb-2'><a class="d-flex align-items-center toc-style" style="line-height:26px; letter-spacing:0; text-decoration: none;" href='#test-access'>Test Access</a> </li> <li class='mb-2'><a class="d-flex align-items-center toc-style" style="line-height:26px; letter-spacing:0; text-decoration: none;" href='#saml-logout'>SAML Logout</a> </li> <li class='mb-2'><a class="d-flex align-items-center toc-style" style="line-height:26px; letter-spacing:0; text-decoration: none;" href='#troubleshooting'>Troubleshooting</a> </li> <li class='mb-2'><a class="d-flex align-items-center toc-style" style="line-height:26px; letter-spacing:0; text-decoration: none;" href='#renewing-your-certificate'>Renewing your certificate</a> </li> </ul> </div> </div> </aside> </div> </div> </section> <script src="/ui/js/toc_highlight.js?v=hsDWXAxu6B0EFk5lBzDNPWYaUFGOnYiwJ1zlCoe4QtM&v=hsDWXAxu6B0EFk5lBzDNPWYaUFGOnYiwJ1zlCoe4QtM"></script> </main> <footer class="bd-footer bg-secondary-subtle p-t-120 mobile-footer"> <div class="container px-md-3 text-body-secondary"> <div class="row border-secondary-subtle gx-0 mb-4 pb-2 mb-md-5"> <div class="col-lg-4 col-md-12 mb-3"> <h5 class="mb-4">Comparisons</h5> <div class="row"> <div class="col-lg-4 col-md-6"> <ul class="list-unstyled d-flex flex-column gap-2"> <li> <a href="/egnyte-alternative">Egnyte</a> </li> <li> <a href="/filecloud-alternative">FileCloud</a> </li> <li> <a href="/nextcloud-alternative/">NextCloud</a> </li> <li> <a href="/owncloud-alternative/">OwnCloud</a> </li> <li> <a href="/file-sharing/comparisons/sftp/">Secure FTP</a> </li> <li> <a href="/box-alternative/">Box</a> </li> </ul> </div> <div class="col-lg-8 col-md-6"> <ul class="list-unstyled d-flex flex-column gap-2"> <li> <a href="/blog/top-5-sharepoint-migration-costs/">SharePoint Migration Costs</a> </li> <li> <a href="/file-sharing/comparisons/sync-share-alternative/">Sync & Share Alternative</a> </li> <li> <a href="/file-sharing/comparisons/ftp-alternative/">Windows FTP server</a> </li> <li> <a href="/file-server/webdav-server/">WebDAV Server</a> </li> <li> <a href="/file-sharing/file-sharing-service/">File Sharing Service</a> </li> </ul> </div> </div> </div> <div class="col-lg col-md-6 mb-3"> <h5 class="mb-4">Cloud File Server</h5> <ul class="list-unstyled d-flex flex-column gap-2"> <li> <a href="/file-server/migrate-file-servers-to-the-cloud/">Migrate File Servers to Cloud</a> </li> <li> <a href="/file-server/cloud/aws/">AWS</a> </li> <li> <a href="/file-server/azure/">Azure</a> </li> <li> <a href="/online-file-storage/azure-file-shares/">Azure File Shares</a> </li> <li> <a href="/online-file-storage/azure-blob-storage/">Azure Blob Storage</a> </li> <li> <a href="/file-sharing/cloud-file-sharing/">Cloud File Sharing</a> </li> </ul> </div> <div class="col-lg col-md-6 mb-1"> <h5 class="mb-4">VPN Alternative</h5> <ul class="list-unstyled d-flex flex-column gap-2"> <li> <a href="/fileshare/">FileShare Online Access</a> </li> <li> <a href="/file-server/http/">HTTP File Server</a> </li> <li> <a href="/vpn-alternative/pptp-security-risks/">PPTP Security Risks</a> </li> <li> <a href="/file-sharing/remote/">Remote File Access</a> </li> <li> <a href="/blog/smb-port/">SMB Port Alternative</a> </li> <li> <a href="/file-server/windows">Windows File Server</a> </li> </ul> </div> <div class="col-lg mb-md-1 mb-0 text-center text-lg-start"> <h5 class="mb-4">Social Connect</h5> <div class="d-flex gap-3 justify-content-center justify-content-lg-start"> <a href="https://twitter.com/myworkdrive" class="social-icon" target="_blank"> <i class="bi-twitter-x"></i> </a> <a href="https://www.linkedin.com/company/myworkdrive" class="social-icon" target="_blank"> <i class="bi-linkedin"></i> </a> <a href="https://www.youtube.com/channel/UC_alwXfDzQQjn0LW5yVUB1w" class="social-icon" target="_blank"> <i class="bi-youtube"></i> </a> </div> <div class="col-lg-10 mb-md-1 mb-0 pt-4 pt-lg-5"> <div class="pt-0 pt-lg-5"> <p class="d-flex flex-column mb-0"><br /><br />Secure file access. Seamless user experience. Total data control.</p> </div> </div> </div> <div class="row pb-0 pb-lg-0 px-0 m-auto"> <div class="col-lg-5 col-xl-4 text-center text-lg-start mb-2 mb-md-0 px-0"> <a href="/privacy-policy" class="me-lg-4">Privacy Policy</a> <span class="d-lg-none mx-4">|</span> <a href="/terms-of-service" class="me-lg-4">Terms of Service</a> </div> <div class="col-lg-7 col-xl-4 text-center d-flex justify-content-center align-items-center"> <p class="mb-0 mb-lg-0">© 2026 MyWorkDrive, LLC. All Rights Reserved</p> </div> </div> </div> </footer> <div id="cookie-consent-banner" style="display:none;position:fixed;left:0;right:0;bottom:0;background:#f1f1f1;color:#000;padding:1rem;z-index:2000;border-top:1px solid #ddd;" cookie-allowed-names="cookie_consent,.AspNetCore.Session,ARRAffinity,ARRAffinitySameSite,.AspNetCore.Antiforgery"> <div class="container d-flex flex-column flex-md-row align-items-center justify-content-between"> <div style="flex:1;min-width:0;"> We use cookies for essential functions (always on) and optional analytics/marketing. Reject to disable non-essentials and continue browsing. <a href="/company/legal/privacy/" style="color:#007bff;">See our Privacy Policy</a>. </div> <div style="margin-left:1rem;display:flex;gap:.5rem;flex-shrink:0;"> <button id="cookie-reject" class="btn btn-outline-light">Reject All</button> <button id="cookie-accept" class="btn btn-outline-light">Accept All</button> </div> </div> </div> <script> (function () { // Helper cookie functions function setCookie(name, value, days) { var expires = ''; if (days) { var date = new Date(); date.setTime(date.getTime() + (days * 24 * 60 * 60 * 1000)); expires = '; expires=' + date.toUTCString(); } document.cookie = name + '=' + (value || '') + expires + '; path=/; SameSite=None; Secure'; } function getCookie(name) { var nameEQ = name + '='; var ca = document.cookie.split(';'); for (var i = 0; i < ca.length; i++) { var c = ca[i]; while (c.charAt(0) === ' ') c = c.substring(1, c.length); if (c.indexOf(nameEQ) === 0) return c.substring(nameEQ.length, c.length); } return null; } function eraseCookie(name) { document.cookie = name + '=; Max-Age=0; path=/; SameSite=None; Secure'; } function deleteNonEssentialCookies(config) { // Reject-all behavior: keep only explicitly allowed cookie names var allowSet = new Set((config.allowedNames || []).map(function (s) { return String(s).trim(); }).filter(Boolean)); var cookies = document.cookie ? document.cookie.split(';') : []; for (var i = 0; i < cookies.length; i++) { var c = cookies[i].trim(); var eq = c.indexOf('='); var name = eq > -1 ? c.substr(0, eq) : c; if (allowSet.has(name)) continue; // keep only allowed names try { eraseCookie(name); } catch (e) { } } } function applyConsent(consent, config) { setCookie('cookie_consent', consent ? 'true' : 'false', 365); if (consent) { // Accept-all: allow everything; load optional scripts if (window.loadGtag) try { window.loadGtag(); } catch (e) { } if (window.loadRedditPixel) try { window.loadRedditPixel(); } catch (e) { } if (window.loadHappyFoxChat) try { window.loadHappyFoxChat(); } catch (e) { } } else { // Reject-all: remove all cookies except allowed deleteNonEssentialCookies(config); } var banner = document.getElementById('cookie-consent-banner'); if (banner) banner.style.display = 'none'; } document.addEventListener('DOMContentLoaded', function () { var banner = document.getElementById('cookie-consent-banner'); var acceptBtn = document.getElementById('cookie-accept'); var rejectBtn = document.getElementById('cookie-reject'); function showBanner() { if (banner) banner.style.display = 'block'; } // Extract configurable rules var cfg = { allowedNames: [] }; if (banner) { var allow = banner.getAttribute('cookie-allowed-names') || ''; cfg.allowedNames = allow ? allow.split(',') : []; } // Load existing consent if present var raw = getCookie('cookie_consent'); var consent = null; try { consent = raw !== null ? (raw === 'true') : null; } catch (ex) { consent = null; } if (consent === null) { showBanner(); } else { if (consent) { if (window.loadGtag) try { window.loadGtag(); } catch (e) { } if (window.loadRedditPixel) try { window.loadRedditPixel(); } catch (e) { } if (window.loadHappyFoxChat) try { window.loadHappyFoxChat(); } catch (e) { } } else { deleteNonEssentialCookies(cfg); } } if (acceptBtn) acceptBtn.addEventListener('click', function () { applyConsent(true, cfg); }); if (rejectBtn) rejectBtn.addEventListener('click', function () { applyConsent(false, cfg); }); }); })(); </script> <script src="/ui/js/bundle.js?v=On4ESv9pixErClz1hdL8w_yAHYQ"></script> <script src="/ui/js/mwd-utm-persist.js"></script> <script> (function() { 'use strict'; // Ensure dataLayer exists window.dataLayer = window.dataLayer || []; // Helper function to safely push events to dataLayer function trackCalendlyEvent(eventData) { try { window.dataLayer.push(eventData); // Debug logging for development environments if (window.location.hostname === 'localhost' || window.location.hostname.indexOf('dev') !== -1 || window.location.search.indexOf('debug=1') !== -1) { console.log('Calendly Event Tracked:', eventData); } } catch (error) { console.error('Error tracking Calendly event:', error); } } // Main Calendly event listener window.addEventListener('message', function(e) { // Verify the message is from Calendly if (e.origin !== "https://calendly.com") return; const eventData = e.data; // Check if it's a Calendly event if (eventData.event && eventData.event.indexOf('calendly') === 0) { const eventType = eventData.event; // Base event properties const baseProps = { event: 'calendly_event', calendly_event_type: eventType, event_category: 'Calendly', page_url: window.location.href, page_title: document.title, timestamp: new Date().toISOString(), user_agent: navigator.userAgent }; // Handle specific Calendly events switch (eventType) { case 'calendly.profile_page_viewed': trackCalendlyEvent({ ...baseProps, action: 'profile_page_viewed', event_label: 'Calendly Profile Viewed', non_interaction: true }); break; case 'calendly.event_type_viewed': trackCalendlyEvent({ ...baseProps, action: 'event_type_viewed', event_label: eventData.event_details?.event_type_name || 'Event Type Viewed', event_type_name: eventData.event_details?.event_type_name, non_interaction: true }); break; case 'calendly.date_and_time_selected': trackCalendlyEvent({ ...baseProps, action: 'date_and_time_selected', event_label: 'Date and Time Selected', selected_date: eventData.event_details?.selected_date, selected_time: eventData.event_details?.selected_time, event_type_name: eventData.event_details?.event_type_name }); break; case 'calendly.event_scheduled': // This is the most important conversion event trackCalendlyEvent({ ...baseProps, action: 'event_scheduled', event_label: 'Demo Scheduled', value: 1, currency: 'USD', event_type_name: eventData.event_details?.event_type_name, invitee_email: eventData.event_details?.invitee?.email, invitee_name: eventData.event_details?.invitee?.name, event_start_time: eventData.event_details?.event_start_time, event_end_time: eventData.event_details?.event_end_time, event_uuid: eventData.event_details?.event?.uuid, // Mark as conversion for enhanced ecommerce conversion: true, conversion_type: 'demo_scheduled' }); break; case 'calendly.page_height_changed': // Track widget resize (non-interaction event) trackCalendlyEvent({ ...baseProps, action: 'page_height_changed', event_label: 'Widget Height Changed', height: eventData.event_details?.height, non_interaction: true }); break; default: // Track any other Calendly events trackCalendlyEvent({ ...baseProps, action: eventType.replace('calendly.', ''), event_label: eventType, raw_event_data: JSON.stringify(eventData.event_details || {}) }); break; } } }); // Track Calendly widget loading document.addEventListener('DOMContentLoaded', function() { let widgetCheckAttempts = 0; const maxAttempts = 20; // Check for 10 seconds const checkCalendlyWidget = setInterval(function() { widgetCheckAttempts++; // Look for various Calendly widget selectors const calendlyWidget = document.querySelector( '.calendly-inline-widget iframe, ' + '[data-url*="calendly.com"], ' + 'iframe[src*="calendly.com"], ' + '.calendly-popup-widget, ' + '.calendly-badge-widget' ); if (calendlyWidget) { trackCalendlyEvent({ event: 'calendly_event', calendly_event_type: 'widget_loaded', action: 'widget_loaded', event_category: 'Calendly', event_label: 'Calendly Widget Loaded', page_url: window.location.href, page_title: document.title, timestamp: new Date().toISOString(), load_time_ms: widgetCheckAttempts * 500, non_interaction: true }); clearInterval(checkCalendlyWidget); } else if (widgetCheckAttempts >= maxAttempts) { // Stop checking after max attempts clearInterval(checkCalendlyWidget); } }, 500); }); // Track Calendly popup/badge clicks if they exist document.addEventListener('click', function(e) { const target = e.target; // Check if the clicked element is a Calendly trigger if (target.matches('[href*="calendly.com"], .calendly-popup-widget, .calendly-badge-widget') || target.closest('[href*="calendly.com"], .calendly-popup-widget, .calendly-badge-widget')) { trackCalendlyEvent({ event: 'calendly_event', calendly_event_type: 'widget_clicked', action: 'widget_clicked', event_category: 'Calendly', event_label: 'Calendly Widget Clicked', page_url: window.location.href, page_title: document.title, timestamp: new Date().toISOString(), click_element: target.tagName + (target.className ? '.' + target.className.split(' ').join('.') : ''), click_text: target.textContent?.trim() || target.alt || target.title || '' }); } }); })(); </script> <noscript> <iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5TQP35N" height="0" width="0" style="display:none;visibility:hidden">