Skip to main content
All CollectionsOrganization
How to set up Microsoft Entra ID for SSO?
How to set up Microsoft Entra ID for SSO?

In this article, we explain how to set up Microsoft Entra ID for SSO so that Allex users can quickly and easily authenticate with Microsoft Entra ID.

Carmen Zimmermann avatar
Written by Carmen Zimmermann
Updated this week

In this article you will learn:

  1. Adding an App in Microsoft Entra ID

  2. Setting up Single Sign On

1. Adding an App in Microsoft Entra ID

Prerequisites

1. Please refer to prerequisites in microsoft.com

Steps

1. Add a new app to Microsoft Entra ID by clicking on Enterprise applications.

2. Click on New application.

3. Click on Create your own application.

4. In the right panel enter the application name in the textbox (e.g. Allex SSO), select Integrate any other application you don't find in the gallery (Non-gallery) and then click on Create button.

5. After clicking on the Create button, the application will be created. This may take a few seconds.

2. Set up single sign on

Prerequisites

  1. Consult Allex team for the Identifier and Reply URL values in the Basic SAML Configuration section.

Steps

1. Click on Set up single sign on - Get started in the Overview page.

2. Click on SAML in the Single sign-on page.

3. Configure Basic SAML Configuration:

3.1 Click on Edit in the Basic SAML Configuration section.

3.2 Click on Add identifier in the Basic SAML Configuration right panel and add a valid url. This url can be anything that identifies the application. For convenience, you can use the identifier provided by the Allex team. However, it's also possible to assign your own value, but this must then be communicated to the Allex team.

3.3 Click on Add reply URL in the Basic SAML Configuration right panel and add a valid url. The Reply URL value provided by the Allex team must be used here.

3.4 Click on Save in the Basic SAML Configuration right panel.

3.5 Close the Basic SAML Configuration right panel.

4. Configure Attributes & Claims:

4.1 You can keep the default configuration as is.

4.2 If you want to edit/update the configuration, please make sure to always have attributes for email, first Name and last Name.

5. Configure SAML Certificates:

5.1 Click on Edit in the SAML Certificates Section.

5.2 Update Signing Option to Sign SAML response and assertion then click on Save in SAML Signing Certificate right panel.

Post Steps

  1. After finishing the steps, please provide the following details to the Allex team:

Section

Attribute

Basic SAML Configuration

Identifier (if chosen by yourself)

SAML Certificates

Certificate (Base64)

Set up

Login URL

Set up

Logout URL

Attributes & Claims

Additional claims - please check image below.

The logout URL required by the Allex team is different from the Logout Url (Optional) field under Basic SAML Configuration. It is usually auto-generated for the Microsoft Entra ID application, as shown in the image below.

Assign users and groups to an application

Please refer to Assign users and groups to an application

Did this answer your question?