This guide explains the steps to configure Microsoft Single Sign-On (SSO) for your organization using Microsoft Entra ID (formerly Azure AD).
Benefits of Microsoft SSO Integration All organization members can enable single sign-on using Microsoft credentials. Centralized user access management via Microsoft Entra ID. Secure access control across all applications. Prerequisites Microsoft Entra ID Premium License (recommended for full functionality) Global Administrator or Application Administrator privileges in Microsoft Entra ID Verified domain ownership in your Microsoft tenant Users with email addresses matching the organization’s domain Organization account already created in the application Organization Owner or Administrator role in the application Setup Steps
Click + New application.
Select Create your own application.
Choose Integrate any other application you don't find in the gallery (Non-gallery).
Enter the application name (e.g., "OrganizationName App SSO").
Click Create.
Select SAML as the SSO method.
In the Basic SAML Configuration section, click Edit.
To obtain the required information, enable SSO from your organization’s settings.
Identifier (Entity ID): Contact your application administrator. Reply URL: Contact your application administrator. Sign-on URL: Automatically generated after SSO setup.
Claims in Entra ID must exactly match the following values (including additional claims). If not, SSO authentication may fail.
Required Claim:
Unique user identifier (Name ID): SAML user.userprincipalname [nameid-format:emailAddress] Additional Claims:
These should be set automatically, but confirm their presence.