# Set-up SAML SSO with Azure 1. Sign-in to your Azure admin portal 2. In the left menu bar, click on Microsoft Entra ID

3. Click on **Enterprise applications** in the left menu bar 4. In the Enterprise applications page, click on **New application** 5. In the **Browse Microsoft Entra Gallery** page, click on **Create your own application**

6. In the **Create your own application**, 1. Enter a name for the application. For example **fp-saml-sso-application** 2. Select **Integrate any other application you don't find in the gallery (Non-gallery)**

7. Click on the **Create** button 8. In the newly created application page, select **Single sign-on** in the left menu bar

9. Select SAML in the **Select a single sign-on method**

10. In the **Set up Single Sign-On with SAML** page, click on the Edit icon under **Basic SAML configuration**

11. On the configuration page, click on the **Add Identifier** button

12. Now you will need to get the following values from the Fenixpyre admin dashboard. 1. Identifier (Entity ID) 2. Reply URL (Assertion Consumer Service URL) 3. Sign on URL 13. Sign in to the Fenixpyre admin dashboard 14. Click on Identity & Provisioning under Security in Settings (Left Navigation Menu)

15. Switch to SAML SSO Tab

16. Click on **Add new SAML SSO** and select **Setup Azure AD SAML SSO**

17. You will be presented with a dialogue which contains the following values: 1. Identifier (Entity ID) 2. Reply URL (Assertion Consumer Service URL) 3. Sign on URL

18. Copy the **Identifier (Entity ID)**, **Reply URL (Assertion Consumer Service URL)**, and **Sign on URL** and paste it in the **Azure Basic SAML configuration** page like shown below.

19. Click on the **Save** button, You will navigated back to the SSO landing page.

20. Click on the **Permissions** in the left menu bar and then click on **app registration**. 21. In the API permissions page, click on **Add a permission** 22. Add the following API permissions 1. Microsoft Graph -> Delegated permissions -> User.Read 2. Microsoft Graph -> Delegated permissions -> Directory.Read.All {% embed url="" %} 23. Click on \*\*Grant admin consent \*\* 24. Go back to **Enterprise applications** -> find the **fp-saml-sso-application**, and then click on **Single sign-on**. 25. Download the Base64 certificate, and copy the **Login URL** {% embed url="" %} 26. Paste the **Login URL** in the **Sign-in URL** field on the Fenixpyre dashboard, and upload the Base64 certificate you downloaded to the Fenixpyre dashboard. {% embed url="" %} 27. You will see a success dialogue box if the setup is successful. 28. Click on **Close** or **Logout and verify the connection** to verify the newly added SAML SSO. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.fenixpyre.com/fenixpyre-for-admins/admin-dashboard/identity-and-provisioning/saml-single-sign-on-sso-setup/set-up-saml-sso-with-azure.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.