Entra ID (Azure AD) SAML

Step-by-step guide to configure Single Sign-on with Microsoft Entra ID as the Identity Provider.

1. Download Metadata XML

Sign into the SSO Configuration Portal, select Microsoft Entra ID, then SAML, and click on Configure.

Under Service Provider Details, click on Download Metadata XML.

2. Create Enterprise Application

Login to Microsoft Entra ID in the Microsoft Azure Portal. Select the option for Entra ID application and locate the Enterprise Applications tab.

Locate Enterprise
applications — Locate Enterprise applications

In the Enterprise Applications tab New Application in the top navigation bar.

Click on New
application — Click on New application

Click on Create your own Application and give your application a name.

Select the Integrate any other application you don’t find in the gallery (Non-gallery) option. Click on Create.

Create a new application on Entra
ID — Create a new application on Entra ID

3. SAML Configuration

Locate the Single Sign-on option under Manage, and choose SAML.

Locate SAML under Single
sign-on — Locate SAML under Single sign-on

Click on Upload metadata file. Upload the Metadata XML file downloaded in step 1.

Click on Save.

4. Attribute Mapping

Under Attributes & Claims, click on Edit.

Check the Attribute Mapping section in the SSO Configuration Portal, and carefully map the same attributes on your Entra ID app.

5. Assign User/Group

Go to the Users and groups tab, and click on Add user/group.

Here, please select all the required users or user groups that need login access to this application via Single Sign-On.

Assigning users and groups to your
application — Assigning users and groups to your application

6. Upload IdP Metadata URL

Under SAML Certification, copy the link under App Federation Metadata URL on Entra ID

Copy App Federation Metadata
URL — Copy App Federation Metadata URL

Under Identify Provider Configuration, select Configure using Metadata URL, and paste it under App Federation Metadata URL on the SSO Configuration Portal.

Paste App Federation Metadata
URL — Paste App Federation Metadata URL

7. Test Connection

Click on Test Connection. If everything is done correctly, you will see a Success response as shown below.

If the connection fails, you’ll see an error, the reason for the error, and a way to solve that error right on the screen.

Test your SAML application for
SSO — Test your SAML application for SSO

8. Enable connection

Click on Enable Connection. This will let all your selected users login to the new application via your Microsoft Entra ID SSO.

Enable SSO on Entra
ID — Enable SSO on Entra ID

With this, we are done configuring your Microsoft Entra ID application for an SSO login setup.

1. Download Metadata XML​

2. Create Enterprise Application​

3. SAML Configuration​

4. Attribute Mapping​

5. Assign User/Group​

6. Upload IdP Metadata URL​

7. Test Connection​

8. Enable connection​