Skip to main content

Entra ID (Azure AD) SAML

Step-by-step guide to configure Single Sign-on with Microsoft Entra ID as the Identity Provider.

1. Download Metadata XML

Sign into the SSO Configuration Portal, select Microsoft Entra ID, then SAML, and click on Configure.

Under Service Provider Details, click on Download Metadata XML.

Download Metadata
XML

Download Metadata XML

2. Create Enterprise Application

Login to Microsoft Entra ID in the Microsoft Azure Portal. Select the option for Entra ID application and locate the Enterprise Applications tab.

Locate Enterprise
applications

Locate Enterprise applications

In the Enterprise Applications tab New Application in the top navigation bar.

Click on New
application

Click on New application

Click on Create your own Application and give your application a name.

Select the Integrate any other application you don’t find in the gallery (Non-gallery) option. Click on Create.

Create a new application on Entra
ID

Create a new application on Entra ID

3. SAML Configuration

Locate the Single Sign-on option under Manage, and choose SAML.

Locate SAML under Single
sign-on

Locate SAML under Single sign-on

Click on Upload metadata file. Upload the Metadata XML file downloaded in step 1.

Click on Upload metadata
file

Click on Upload metadata file

Click on Save.

Save button

Save button

4. Attribute Mapping

Under Attributes & Claims, click on Edit.

Click on Edit

Click on Edit

Check the Attribute Mapping section in the SSO Configuration Portal, and carefully map the same attributes on your Entra ID app.

SSO Configuration
Portal

SSO Configuration Portal

Microsoft Entra
ID

Microsoft Entra ID

5. Assign User/Group

Go to the Users and groups tab, and click on Add user/group.

Here, please select all the required users or user groups that need login access to this application via Single Sign-On.

Assigning users and groups to your
application

Assigning users and groups to your application

6. Upload IdP Metadata URL

Under SAML Certification, copy the link under App Federation Metadata URL on Entra ID

Copy App Federation Metadata
URL

Copy App Federation Metadata URL

Under Identify Provider Configuration, select Configure using Metadata URL, and paste it under App Federation Metadata URL on the SSO Configuration Portal.

Paste App Federation Metadata
URL

Paste App Federation Metadata URL

7. Test Connection

Click on Test Connection. If everything is done correctly, you will see a Success response as shown below.

If the connection fails, you’ll see an error, the reason for the error, and a way to solve that error right on the screen.

Test your SAML application for
SSO

Test your SAML application for SSO

8. Enable connection

Click on Enable Connection. This will let all your selected users login to the new application via your Microsoft Entra ID SSO.

Enable SSO on Entra
ID

Enable SSO on Entra ID

With this, we are done configuring your Microsoft Entra ID application for an SSO login setup.


Is this page helpful? Yes No