
Azure AD

Discover step-by-step instructions on configuring a connection with Azure AD. Learn how to integrate your application with Azure AD for secure and streamlined SSO authentication.

Declare an application

Directory screen
  1. Click on "Add"
  2. Select "Enterprise Application"

Own application screen

Click on "Create your own application."


Own application screen
  1. Choose a name for your app
  2. Select "Integrate any other application you don’t find in the gallery (Non-Gallery)."
  3. Click on "Create"

SAML configuration

App screen

Click on "2. Set up single sign on"


Unique authentication screen

Click on "SAML"


Unique authentication screen

Click on "Edit" in the "Basic SAML Configuration" section.


Unique authentication screen
  1. Click on "Add identifier"
  2. Click on "Add reply URL."

Unique authentication screen
  1. Paste the "Identifier (Entity ID)" value you find on the right side of this tutorial 👉
  2. Set this Entity ID as the default.

Unique authentication screen
  1. Paste the "Reply URL (Assertion Consumer Service URL)" value you find on the right side of this tutorial 👉

Unique authentication screen
  1. Paste the "Logout Url" value you find on the right side of this tutorial 👉
  2. Click on "Save" and close the SAML configuration panel.

Testing prompt

If you are asked to test your application, click on "No, I’ll test later."

Attributes Mapping

Azure Ad - Attribute mapping screen

Set the attribute mapping values


Azure Ad - Attribute mapping screen

In the next steps of this tutorial, you will be invited to edit the existing mapping by clicking on the corresponding lines.


Azure Ad - Attribute mapping screen
  1. Edit the emailaddress mapping
  2. In "Name" 👉 email
  3. In "Source attribute" 👉 user.mail

Azure Ad - Attribute mapping screen
  1. Edit the surname mapping
  2. In "Name" 👉 family_name
  3. In "Source attribute" 👉 user.surname

Azure Ad - Attribute mapping screen
  1. Edit the givenname mapping
  2. In "Name" 👉 given_name
  3. In "Source attribute" 👉 user.givenname

Azure Ad - Add Attribute

The next mapping does not exist yet; create it by clicking on "Add new claim."


Azure Ad - Attribute mapping screen
  1. In "Name" 👉 idp_user_id
  2. In "Source attribute" 👉 user.objectid
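
To confirm the four mappings above took effect, you can inspect the attribute names in an assertion captured from your own test login. The script below is an added example, not part of the original tutorial: the sample assertion is constructed, `check_attribute_mapping` is a hypothetical helper name, and it assumes the service provider matches on the bare names (`email`, `family_name`, `given_name`, `idp_user_id`).

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Claim names this tutorial configures in the Azure AD attribute mapping.
REQUIRED = {"email", "family_name", "given_name", "idp_user_id"}

# Constructed sample: the surname claim was left at its Azure AD default
# name and the idp_user_id claim was never added.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="email">
      <saml:AttributeValue>alice@example.com</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="given_name">
      <saml:AttributeValue>Alice</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
      <saml:AttributeValue>Martin</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""


def check_attribute_mapping(assertion_xml):
    """Return (missing, unmapped, empty) for the tutorial's four claims.

    Diagnostic only: it inspects claim names in an assertion you captured
    from your own test login and does not verify the SAML signature.
    """
    root = ET.fromstring(assertion_xml)
    found = {}
    for attr in root.iterfind(".//saml:Attribute", SAML_NS):
        values = [v.text or "" for v in attr.iterfind("saml:AttributeValue", SAML_NS)]
        found[attr.get("Name", "")] = values
    missing = sorted(REQUIRED - set(found))
    # Names still in claims-namespace URI form were not renamed (assumption:
    # the service provider expects the bare names listed in REQUIRED).
    unmapped = sorted(n for n in found if n.startswith("http"))
    # Required claims that are present but carry no value.
    empty = sorted(n for n in REQUIRED & set(found) if not any(found[n]))
    return missing, unmapped, empty


if __name__ == "__main__":
    print(check_attribute_mapping(SAMPLE_ASSERTION))
```

A clean configuration returns three empty lists; any name under `missing` or `unmapped` points at the mapping step to revisit.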


Certificate

Download PFX Certificate
  1. Click on "Generate PFX file" in the right sidebar.
  2. Copy the PFX Password
  3. Download the PFX File

Edit SAML Signature Certificate

On the Single sign-on SAML main page, click on "Edit" in the "SAML Certificates" section.


Import Certificate

Click on "Import Certificate"


Upload PFX file
  1. Upload the downloaded PFX file.
  2. Provide the password
  3. Click on "Add"

Set Certificate as Default
  1. On your newly added certificate, click on the three dots action button.
  2. Click on "Make Certificate active."
  3. Click on "Save"

Users and groups

Users and groups

Add some users to this app ("Users and groups" in the left sidebar).


Users and groups

Click on "Add user/group."


Users and groups

Click on "None Selected"


Users and groups

Select yourself and the users you wish to add.


Users and groups

Click on "Select" at the bottom of the screen.


Users and groups

To assign the users to your app, click on "Assign."

XML Metadata file

Unique authentication screen
  1. Now, go back to your Application Home Page.
  2. Click on "Single sign-on" in the left sidebar.

Unique authentication screen

Click on the "Download" link next to the "Federation Metadata XML" label in the "SAML Certificates" section.

Unique authentication screen

Drop your downloaded XML Metadata.

Test SSO login
