Microsoft Azure AD SAML

Microsoft Azure AD SAML Configuration

This section shows how to register a SAML application on the Microsoft Azure AD portal. Registering the application produces the following value, which is needed later for configuration in the Datawiza Cloud Management Console (DCMC):

  • Metadata Url

App registration in Azure

  1. Choose Enterprise Applications from the left sidebar and create a new Registration by clicking New registration.
    Click Create your own application, input the name and select Integrate any other application you don't find in the gallery (Non-gallery), then click Create.

  2. Select Users and Groups, click Add user/group.
    By default, no one is assigned to this application. Click None Selected and select the users and groups that should have access to log in.
    Click Assign.

  3. On the left-hand navigation under Manage, click Single sign-on. Select SAML on the Select a single sign-on method page.
    You will be taken to the Set up Single Sign-On with SAML page.
    For Basic SAML Configuration, click Edit and configure the following values:

    • Identifier (Entity ID): http://localhost:9772/saml/metadata
    • Reply URL (Assertion Consumer Service URL): http://localhost:9772/saml/acs

    For Attributes & Claims, under Additional Claims, click ... then Delete next to each row and confirm the action, so that the four default claims are deleted.
    Click + Add new claim at the top of the page. Add each of the following claims:

    Name      | Namespace   | Source    | Source attribute
    email     | Leave Empty | Attribute | user.userprincipalname
    givenName | Leave Empty | Attribute | user.givenname
    surname   | Leave Empty | Attribute | user.surname
    username  | Leave Empty | Attribute | user.displayname

    For groups, click + Add a group claim, select Security groups and customize the name of the group claim as groups.

  4. Back on the Set up Single Sign-On with SAML page, under SAML Signing Certificate, copy the App Federation Metadata Url. This is the Metadata Url needed for DCMC configuration.
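
An added example, not part of the original guide or Datawiza's code: a Python check that a decoded SAML response from this app registration carries the Identifier, Reply URL and claim names configured in step 3. The sample response is constructed, the name check_response is hypothetical, and the assumption that a non-empty Namespace appears as a "namespace/name" prefix on the attribute Name should be confirmed against a response from your own test sign-in.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Values from the Basic SAML Configuration and Attributes & Claims steps above.
EXPECTED_AUDIENCE = "http://localhost:9772/saml/metadata"
EXPECTED_ACS = "http://localhost:9772/saml/acs"
EXPECTED_CLAIMS = {"email", "givenName", "surname", "username", "groups"}

# Constructed sample (not from a real tenant): surname still namespaced, groups claim absent.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    Destination="http://localhost:9772/saml/acs">
  <saml:Assertion>
    <saml:Conditions><saml:AudienceRestriction>
      <saml:Audience>http://localhost:9772/saml/metadata</saml:Audience>
    </saml:AudienceRestriction></saml:Conditions>
    <saml:AttributeStatement>
      <saml:Attribute Name="email"><saml:AttributeValue>alice@example.com</saml:AttributeValue></saml:Attribute>
      <saml:Attribute Name="givenName"><saml:AttributeValue>Alice</saml:AttributeValue></saml:Attribute>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"><saml:AttributeValue>Example</saml:AttributeValue></saml:Attribute>
      <saml:Attribute Name="username"><saml:AttributeValue>Alice Example</saml:AttributeValue></saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""

def check_response(xml_text):
    """Return configuration findings (empty list = matches). Does NOT verify the signature."""
    root = ET.fromstring(xml_text)
    findings = []
    dest = root.get("Destination")
    if dest != EXPECTED_ACS:
        findings.append(f"Destination {dest!r} does not match the Reply URL")
    audiences = {a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text}
    if EXPECTED_AUDIENCE not in audiences:
        findings.append("Audience does not contain the Identifier (Entity ID)")
    names = {a.get("Name") for a in root.iterfind(".//saml:Attribute", NS)}
    for claim in sorted(EXPECTED_CLAIMS - names):
        # Assumption: a claim whose Namespace was not left empty arrives as "<namespace>/<name>".
        prefixed = [n for n in names if n and n.endswith("/" + claim)]
        if prefixed:
            findings.append(f"claim {claim!r} has a namespace: {prefixed[0]}")
        else:
            findings.append(f"claim {claim!r} missing")
    return findings

if __name__ == "__main__":
    for finding in check_response(SAMPLE_RESPONSE):
        print(finding)
```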

Summary

We have shown how to register a SAML application on Azure AD. Make sure to save the following value for later configuration in DCMC:

  • Metadata Url