In this article you will learn:

1. Please refer to prerequisites in microsoft.com

1. Add a new app in Azure AD by click Enterprise applications.

2. Click New application.

3. Click Create your own application.

4. In the right panel enter application name in the textbox (e.g. Allex SSO), select Integrate any other application you don't find in the gallery (Non-gallery) and then click Create button.

5. After clicking the Create button, the application will be created. This may take a few seconds.

1. Click Set up single sign on - Get started in the Overview page.

2. Click SAML in the Single sign-on page.

3. Configure Basic SAML Configuration:

3.1 Click Edit in the Basic SAML Configuration section.

3.2 Click Add identifier in the Basic SAML Configuration right panel and add a valid url. This url can be anything that identifies the application. For convenience, you can use the identifier provided by the Allex team. However, it's also possible to assign your own value, but this must then be communicated to the Allex team.

3.3 Click Add reply URL in the Basic SAML Configuration right panel and add a valid url. The Reply URL value provided by the Allex team must be used here.

3.4 Click Save in the Basic SAML Configuration right panel.

3.5 Close the Basic SAML Configuration right panel.

4. Configure Attributes & Claims:

4.1 You can keep the default configuration as is.

4.2 If you want to edit/update the configuration, please make sure to always have attributes for email, first Name and last Name.

5. Configure SAML Certificates:

5.1 Click Edit in the SAML Certificates Section.

5.2 Update Signing Option to Sign SAML response and assertion then click Save in SAML Signing Certificate right panel.

The logout URL required by the Allex team is different from the Logout Url (Optional) field under Basic SAML Configuration. It is usually auto-generated for the Azure application, as shown in the image below.

Please refer to Assign users and groups to an application