SAML Configuration for Azure
To set up an Microsoft Azure application as your Identity Provider to allow SAML authentication:
-
Log in to the Avanan
Administrator Portal:
-
Go to Security Settings > Settings and click Configure SAML.
The Configure SAML window appears.
-
To copy the SAML
SSO url, in the SAML
SSO URL field, click
.
-
Go to Security Settings > Settings and click Configure SAML.
-
Log in to the Microsoft Azure:
- Click Enterprise applications from the left navigation pane.
- Click New application.
- Select Non-gallery application.
- In the Name field, enter a name for the application.
- Click Add.
- Select Set up single sign on.
- Select SAML.
- In the Identifier (Entity ID) field, enter a unique string, for example, Avanan.
- In the Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL) fields, paste the url copied in step 1.b.
- In the Sign on URL field, enter your Avanan Administrator Portal url.
- Click Save.
- In the User Attributes & Claims field, click .
-
From the Source attribute field, select one of these:
user.mail
user.userprinciplename
Note:Make sure that user.mail is populated for all relevant users when making your selection, if not, authenticating users becomes impossible.
- In the SAML signing certificate section, for Federation Metadata XML, click Download.
-
Log in to the Avanan
Administrator Portal:
-
Go to Security Settings > Settings and click Configure SAML.
The Configure SAML window appears.
- In the Metadata Source field, select Import a metadata file and upload the Federation Metadata XML file downloaded in step 2.n.
- Unselect the Are you running Azure AD checkbox.
- In the Identity Provider Entity ID field, enter the enter a unique string entered in step 2.h.
-
Go to Security Settings > Settings and click Configure SAML.
-
Log in to the Microsoft Azure Portal:
- Go to Manage > Users and groups.
- Click Add user.
- From the Users and groups list, select the user or group you want to grant access.
- Click Assign.
You are now able to login to the Avanan Administrator Portal with SAML.