Microsoft Entra ID (formerly Azure AD) SAML SSO

In this section, we will show you how to set up your own custom SAML application for Microsoft Entra ID SAML.

Create Application

From your Azure Admin console, click Enterprise applications from the left navigation menu.

Microsoft Entra ID SAML Step 1

If your application is already created, choose it from the list and move on to the Configure Application section.

If you haven't created a SAML application, click New application from the top to create a new application.

Microsoft Entra ID SAML Step 2

From the next screen, click Create your own application. Give your application a Name and click Create.

Microsoft Entra ID SAML Step 3

Configure Application

Select Single Sign On from the Manage section of your app and then SAML.

Microsoft Entra ID SAML Step 4

Click Edit on the Basic SAML Configuration section.

Microsoft Entra ID SAML Step 5

Enter the following values in the Basic SAML Configuration section on the next screen:

  • Identifier (Entity ID)
  • Reply URL (Assertion Consumer Service URL)

Replace the values with the ones you have received from SAML Jackson.

Click Save to save your changes.

Microsoft Entra ID SAML Step 6

Attribute Mapping

Click Edit on the Attributes & Claims section.

Microsoft Entra ID SAML Step 7

You have to configure the following attributes under the Attributes & Claims section:

| Name | Value |
| --- | --- |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress | user.mail |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname | user.givenname |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | user.userprincipalname |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname | user.surname |

See the screenshot below.

Microsoft Entra ID SAML Step 8

Go to the SAML Signing Certificate section and download the Federation Metadata XML.

Microsoft Entra ID SAML Step 9

Next steps

You've successfully configured your custom SAML application for Microsoft Entra ID SAML. At this stage, you can assign users to your application and start using it.
