Step 1: Setup Azure AD as Identity Provider
- SP Entity ID
- ACS URL
Prerequisites:
Copy these values from the Service Provider Info tab of the SAML plugin.
Instructions:
×
![]()
- Log in to Azure AD Portal
- Select ⇒ Azure Active Directory ⇒ App Registrations. Click on New Application Registration.
- Assign a Name and choose the account type.In the Redirect URI field, provide the ACS URL provided in Service Provider Info tab of the plugin and click on Register button.
- Now, navigate to Expose an API menu option and Click the Set button and replace the APPLICATION ID URI with the plugin's SP Entity ID
- Go back to Azure Active Directory ⇒ App Registrations window and click on Endpoints link.
- This will open up a window with multiple URLs listed there. Copy the Federation Metadata Document URL. This will be required while configuring the SAML plugin.
×
![]()
- Log in to Azure AD Portal
- Select ⇒ and Azure Active Directory ⇒ Enterprise Applications.
- Click on New Application.
- Click on Non-gallery application section and enter the name for your app and click on Add button.
- Click on Single sign-on from the application's left-hand navigation menu. The next screen presents the options for configuring single sign-on. Click on SAML.
- Edit the option 1 :Basic SAML Configuration to configure plugin endpoints.
- Enter the SP Entity ID for Identifier and the ACS URL for Reply URL from Service Provider Info tab of the plugin.
- Click on Save icon.
- By default, the following Attributes will be sent in the SAML token. You can view or edit the claims sent in the SAML token to the application under the User Attributes & Claims tab.
- You can add attribute using Add new claim
- Copy App Federation Metadata Url from setup tab.
- Click on User and groups from the applications left-hand navigation menu. The next screen presents the options for assigning the users/groups to the application.
×
![]()