Set-up SAML SSO with Azure

Setup Single Sign-on with Azure enterprise application

  1. Sign-in to your Azure admin portal

  2. In the left menu bar, click on Microsoft Entra ID

  1. Click on Enterprise applications in the left menu bar

  2. In the Enterprise applications page, click on New application

  3. In the Browse Microsoft Entra Gallery page, click on Create your own application

  1. In the Create your own application,

    1. Enter a name for the application. For example fp-saml-sso-application

    2. Select Integrate any other application you don't find in the gallery (Non-gallery)

  1. Click on the Create button

  2. In the newly created application page, select Single sign-on in the left menu bar

  1. Select SAML in the Select a single sign-on method

  1. In the Set up Single Sign-On with SAML page, click on the Edit icon under Basic SAML configuration

  1. On the configuration page, click on the Add Identifier button

  1. Now you will need to get the following values from the Fenixpyre admin dashboard.

    1. Identifier (Entity ID)

    2. Reply URL (Assertion Consumer Service URL)

    3. Sign on URL

  2. Sign in to the Fenixpyre admin dashboard

  3. Click on Identity & Provisioning under Security in Settings (Left Navigation Menu)

  1. Switch to SAML SSO Tab

  1. Click on Add new SAML SSO and select Setup Azure AD SAML SSO

  1. You will be presented with a dialogue which contains the following values:

    1. Identifier (Entity ID)

    2. Reply URL (Assertion Consumer Service URL)

    3. Sign on URL

  1. Copy the Identifier (Entity ID), Reply URL (Assertion Consumer Service URL), and Sign on URL and paste it in the Azure Basic SAML configuration page like shown below.

  1. Click on the Save button, You will navigated back to the SSO landing page.

  1. Click on the Permissions in the left menu bar and then click on app registration.

  2. In the API permissions page, click on Add a permission

  3. Add the following API permissions

    1. Microsoft Graph -> Delegated permissions -> User.Read

    2. Microsoft Graph -> Delegated permissions -> Directory.Read.All

  1. Click on **Grant admin consent **

  2. Go back to Enterprise applications -> find the fp-saml-sso-application, and then click on Single sign-on.

  3. Download the Base64 certificate, and copy the Login URL

  1. Paste the Login URL in the Sign-in URL field on the Fenixpyre dashboard, and upload the Base64 certificate you downloaded to the Fenixpyre dashboard.

  1. You will see a success dialogue box if the setup is successful.

  2. Click on Close or Logout and verify the connection to verify the newly added SAML SSO.

Last updated

Was this helpful?