Configure SSO with Microsoft Entra ID

Required permissions

• You must have the Users Manager permission for the DoiT console.

• You must have one of the following roles in Microsoft Entra ID(formerly Azure Active Directory): Global Administrator, Cloud Application Administrator, Application Administrator, or owner of the service principal.

SAML setup

Step 1: Create a SAML application

Tip

Steps below might vary slightly based on the portal you start from.

To create a SAML application in Microsoft Entra ID:

1. Sign in to the Microsoft Entra admin center.

2. In the Identity section, select Applications, and then select Enterprise application. This will open the All applications pane with the list of applications in your Microsoft Entra tenant.

3. Select New application, and then select Create your own application.

4. Enter a name for the new application, select Integrate any other application you don't find in the gallery (Non-gallery), and then select Create.

5. In the Getting Started section, select 2. Set up single sign on, and then choose SAML as the single sign-on method.

6. On the Set up Single Sign-On with SAML pane, select Edit in Basic SAML Configuration.

7. Get information for your IdP and add the following to the Basic SAML Configuration.

   • Identifier (Entity ID): The Service provider entity ID provided in the DoiT console.

   • Reply URL (Assertion Consumer Service URL): The Callback URL provided in the DoiT console.

   • Sign on URL: The IdP Login URL provided in the DoiT console.

8. Save the configuration.

Step 2: Configure SAML in the DoiT console

This step uses the application settings generated by Microsoft Entra ID in the previous step to configure SAML in the DoiT console.

1. Sign in to the DoiT console, select the gear icon () from the top navigation bar, and then select Identity & access.

2. Select Single sign-on from the left-hand menu, and then select Configure (or Edit configuration) in SAML.

3. Copy the SAML application settings to the corresponding fields in the DoiT console.

   • Entity ID: The Microsoft Entra ID Identifier provided in the Set up {appName} section in the Microsoft Entra admin center.

   • SSO URL: The Login URL provided in the Set up {appName} section in the Microsoft Entra admin center.

   • Certificate: The SAML certificate in Base64 format that can be downloaded in the SAML Certificates section in the Microsoft Entra admin center.

4. Save the configurations. SAML will be automatically enabled when you press Confirm.

Step 3: Assign application to users

To allow individual users to access the application:

1. In the Microsoft Entra admin center, select Users and groups from the Manage section in the left-hand menu.

2. Select Add user/group.

3. Select users and assign them to the application.

Step 4: Verify the SSO configuration

To verify the SSO configuration:

1. Navigate to the DoiT console sign-in page.

2. Select Sign in with SSO. You'll be redirected to the Microsoft Entra ID website.

3. Authenticate with your credentials as an end user.

If successful, you'll land on the DoiT console Home page.

Interactive demo

Try out our interactive demo for a hands-on walk-through experience.

If the demo doesn't display properly, try expanding your browser window or opening the demo in a new tab.

See also

• Enable single sign-on for an enterprise application

• OpenID Connect authentication with Microsoft Entra ID