Microsoft Entra ID (formerly Azure AD) SAML SSO

In this section, we will show you how to set up your own custom SAML application for Microsoft Entra ID SAML.

Create Application

From your Azure Admin console, click Enterprise applications from the left navigation menu.

If your application is already created, choose it from the list and move to the Configure Application section.

If you haven't created a SAML application, click New application from the top to create a new application.

From the next screen, click Create your own application. Give your application a Name and click Create.

Configure Application

Select Single Sign On from the Manage section of your app and then SAML.

Click Edit on the Basic SAML Configuration section.

Enter the following values in the Basic SAML Configuration section on the next screen:

  • Identifier (Entity ID)
  • Reply URL (Assertion Consumer Service URL)

Replace the values with the ones you have received from SAML Jackson.

Click Save to save your changes.

Attribute Mapping

Click Edit on the Attributes & Claims section.

You have to configure the following attributes under the Attributes & Claims section:

| Name | Value |
| --- | --- |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress | user.mail |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname | user.givenname |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | user.userprincipalname |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname | user.surname |

See the screenshot below.

[Screenshot: Attributes & Claims configuration]

Go to the SAML Signing Certificate section and download the Federation Metadata XML.

Next steps

You've successfully configured your custom SAML application for Microsoft Entra ID SAML. At this stage, you can assign users to your application and start using it.
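
To confirm the Attributes & Claims mapping after a test sign-in, the following added example (not part of the original guide or of SAML Jackson) checks a decoded SAML assertion for the four claim names in the table above and reports any that are missing or empty. The function name `check_claims` and the sample assertion are constructed for illustration; the check covers the attribute mapping only and does not verify the assertion's signature.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
# Claim name -> Entra ID source attribute, as listed in the Attributes & Claims table.
REQUIRED = {
    CLAIMS + "emailaddress": "user.mail",
    CLAIMS + "givenname": "user.givenname",
    CLAIMS + "name": "user.userprincipalname",
    CLAIMS + "surname": "user.surname",
}

def check_claims(assertion_xml: str) -> dict:
    """Map each required claim that is missing or empty to a description of the problem."""
    if "<!DOCTYPE" in assertion_xml:
        # SAML messages never need a DTD; refuse rather than let the parser expand entities.
        raise ValueError("DOCTYPE not allowed in a SAML assertion")
    root = ET.fromstring(assertion_xml)
    found = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", SAML_NS):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", SAML_NS)]
        found[attr.get("Name")] = [v for v in values if v]
    problems = {}
    for name, source in REQUIRED.items():
        if name not in found:
            problems[name] = f"missing (mapped from {source})"
        elif not found[name]:
            problems[name] = f"present but empty (check {source} on the user)"
    return problems

# Constructed sample: 'name' is empty and 'surname' is absent. Not real tenant data.
SAMPLE = f"""<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="{CLAIMS}emailaddress">
      <saml:AttributeValue>alice@example.com</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="{CLAIMS}givenname">
      <saml:AttributeValue>Alice</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="{CLAIMS}name">
      <saml:AttributeValue></saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

if __name__ == "__main__":
    for claim, problem in check_claims(SAMPLE).items():
        print(f"{claim}: {problem}")
```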
