Azure AD as IDP

Set up Azure AD as Identity Provider

Prerequisites:

  • Copy these values from the Service Provider Info tab of the SAML plugin.
    • SP Entity ID
    • ACS URL

Instructions:

  1. Log in to Azure AD Portal
  2. Select Azure Active Directory ⇒ App Registrations. Click on New Application Registration.
  3. In the Create Application dialogue, enter the name of the application, keep Application type as Web app/API, enter the ACS URL copied from the plugin as the Sign-On URL, and create the application.
  4. The newly created application’s information will show up. Click on Settings ⇒ Properties. Enter the SP Entity ID copied from the plugin as APP ID and save it.
  5. Go back to the Azure Active Directory ⇒ App Registrations window and click on the Endpoints link.
  6. This will open up a window with multiple URLs listed. Copy the Federation Metadata Document URL. This will be required while configuring the SAML plugin.
  1. Log in to Azure AD Portal
  2. Select Azure Active Directory ⇒ Enterprise Applications.
  3. Click on New Application.
  4. Click on the Non-gallery application section, enter the name for your app, and click on the Add button.
  5. Click on Single sign-on from the application’s left-hand navigation menu. The next screen presents the options for configuring single sign-on. Click on SAML.
  6. Enter the SP Entity ID for Identifier and the ACS URL for Reply URL from the Service Provider Info tab of the plugin.
  7. By default, the following Attributes will be sent in the SAML token. You can view or edit the claims sent in the SAML token to the application under the Attributes tab.
  8. Copy the App Federation Metadata Url. This will be used while configuring the SAML plugin.
  9. Click on Users and groups from the application’s left-hand navigation menu. The next screen presents the options for assigning the users/groups to the application.