Use Microsoft Entra ID as your Identity Provider

Overview

After enabling Onum as a service provider, you can set up Microsoft Entra ID as an identity provider for SAML. You need to create a SAML app in your Entra Admin Center to register your Callback URL so that Microsoft Entra ID can send SAML responses to the correct location.

Set up your custom Microsoft Entra ID app

1. Log in to your Entra Admin Center. In the left menu, select Applications > Enterprise applications > New application > Create your own application.

2. Enter a name for the app (e.g., MyApp SAML SSO). Then, select Integrate any other application you don’t find in the gallery (Non-gallery). Click Create.

3. In your new application’s overview, go to Single sign-on. Choose SAML as the SSO method.

4. Now you’ll see a 4-step wizard. First, you must enter these details from Onum:

Parameter | Description
Identifier (Entity ID) / Reply URL (ACS URL) | Enter a temporary URL in these fields (e.g., https://placeholder.example.com/saml/acs). You can copy the Callback URL if you already know it, or just use a dummy placeholder. We'll edit these fields later with the real value.
Sign-on URL | You can leave this blank.

Click Save when you're done.

5. In the next step, you must define the User Attributes & Claims. By default, NameID is the user’s user.userprincipalname (often the email).

6. You'll get the IdP metadata.

Now access Onum and go to the Authentication area in your Admin menu. Once there, click the Configure Single-Sign-On button and select SAML in the Authentication method field. Enter the following in the fields that appear:

Parameter | Description
IdP Entity ID | Enter the Azure AD Identifier from Microsoft Entra ID.
Single Sign-On URL | Enter the Login URL from Microsoft Entra ID.
Certificates | Paste the Certificate (Base64) from Microsoft Entra ID.

Now click Save. You'll be given a Callback URL.

7. Go back to Microsoft Entra ID and paste the Callback URL into your app’s SAML configuration.

8. Next, access Users and groups > Add user/group and assign the app to the required users/groups.

Done! Microsoft Entra ID is now your identity provider for Onum.
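
The three values pasted into Onum in step 6 can be cross-checked against the IdP metadata, so that a mistyped URL or a wrong signing certificate is caught before users hit a failed login. This is an added example, not part of the Onum or Microsoft documentation: the function names are hypothetical, the sample metadata, URLs and certificate bytes are constructed placeholders, and it assumes you have the app's SAML metadata XML, whose entityID and SingleSignOnService Location correspond to the identifier and Login URL you copied.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: placeholder tenant, URLs and certificate bytes (not a real X.509 cert).
SAMPLE_CERT_B64 = base64.b64encode(b"constructed-placeholder-der-bytes" * 4).decode()
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.com/TENANT-ID/">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{SAMPLE_CERT_B64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.com/TENANT-ID/saml2"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

def der_from_base64(text):
    """Decode a bare Base64 or PEM-wrapped certificate to DER bytes (raises on bad Base64)."""
    body = "".join(line.strip() for line in text.splitlines() if "-----" not in line)
    return base64.b64decode(body, validate=True)

def parse_idp_metadata(xml_text):
    """Read the entity ID, SSO endpoints and signing-certificate digests from IdP metadata."""
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("metadata has no IDPSSODescriptor")
    sso_urls = {s.get("Location") for s in idp.findall("md:SingleSignOnService", NS)}
    certs = [c.text for k in idp.findall("md:KeyDescriptor", NS)
             if k.get("use") in (None, "signing")  # no 'use' means signing and encryption
             for c in k.findall(".//ds:X509Certificate", NS)]
    return {"idp_entity_id": root.get("entityID"), "sso_urls": sso_urls,
            "cert_sha256": [hashlib.sha256(der_from_base64(c)).hexdigest() for c in certs]}

def check_onum_fields(metadata_xml, entity_id, sso_url, cert_text):
    """Return a list of mismatches between the values typed into Onum and the metadata."""
    meta, problems = parse_idp_metadata(metadata_xml), []
    if entity_id.strip() != meta["idp_entity_id"]:
        problems.append("IdP Entity ID differs from the metadata entityID")
    url = sso_url.strip()
    if url not in meta["sso_urls"] or not url.startswith("https://"):
        problems.append("Single Sign-On URL is not an HTTPS SSO location in the metadata")
    if hashlib.sha256(der_from_base64(cert_text)).hexdigest() not in meta["cert_sha256"]:
        problems.append("Certificate is not a signing certificate listed in the metadata")
    return problems
```

An empty list from check_onum_fields means all three fields agree with the metadata; compare certificates by digest rather than by eye, since Base64 blobs differ only in line wrapping and headers when they are in fact the same certificate.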
