Setting up automatic sign-in for Azure AD
You can integrate eformity.net with Microsoft Azure Active Directory (Azure AD) to sign users in automatically. Roles can also be managed in Azure AD, and user data such as name, position, and phone number can be taken from Azure AD.
Step 1: Add 'Enterprise Application'
To establish the connection, you need to create an Enterprise application in Azure AD. Within the Azure Active Directory environment, create a new 'Enterprise application' and select 'Non-gallery application':

Step 2: Configure users
After the application is created, select 'Users and groups' on the left. Specify the users and groups that should have access.
Step 3: Enable Single Sign-On
Once users are assigned, click 'Single sign-on' on the left and then choose 'SAML'. This screen is divided into different sections:
Basic SAML Configuration
In both the 'Identifier' and 'Reply URL' fields, enter the same URL in the format: https://[subscription-code].eformity.net/saml/signin. For example, if your subscription code is blueorange, you would enter: https://blueorange.eformity.net/saml/signin.

User Attributes & Claims
You now need to add a new claim in 'User Attributes & Claims'. Some claims are already listed by default. To add a new claim, click on 'Add new claim'.

When adding a new claim, fill in the following details:
| Name | Namespace | Attribute |
| --- | --- | --- |
| CommonName | http://schemas.xmlsoap.org/claims | user.displayname |
After creating the new claim, you can also add a new group using 'Add a group claim'. The image below shows the values to use when creating the new group:

You have now completed the basic configuration for automatic sign-in via Azure AD. When you have successfully created a new group, you will see the following appear:

Step 4: Complete configuration with eformity
Before we can activate the connection, we need some additional information. If you provide the following information to your contact person within eformity, we can assist you with activating the connection:
- SAML Signing Certificate: Download the certificate as Base64
- TenantId: The tenantId of the Azure AD environment
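
Once the connection is active, the SAMLResponse that Azure AD posts during a test sign-in can be checked against the values entered in Step 3. The Python check below is an added example, not part of the eformity documentation; it assumes a standard SAML 2.0 response layout and that the claim's Name is the namespace followed by '/CommonName', and it uses a constructed, unsigned sample response.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Assumption: the claim is emitted as <namespace>/<name> from the table in Step 3.
COMMON_NAME = "http://schemas.xmlsoap.org/claims/CommonName"

# Constructed sample response (unsigned, trimmed to the fields checked below).
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    Destination="https://blueorange.eformity.net/saml/signin">
  <saml:Assertion>
    <saml:Conditions><saml:AudienceRestriction>
      <saml:Audience>https://blueorange.eformity.net/saml/signin</saml:Audience>
    </saml:AudienceRestriction></saml:Conditions>
    <saml:AttributeStatement>
      <saml:Attribute Name="http://schemas.xmlsoap.org/claims/CommonName">
        <saml:AttributeValue>Jane Doe</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()


def expected_url(subscription_code):
    """Value entered as both 'Identifier' and 'Reply URL'."""
    return f"https://{subscription_code}.eformity.net/saml/signin"


def check_response(saml_response_b64, subscription_code):
    """Return configuration problems found in a captured SAMLResponse.

    Configuration check only: the XML signature is NOT verified here.
    """
    url = expected_url(subscription_code)
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    problems = []
    if root.get("Destination") != url:
        problems.append(f"Destination {root.get('Destination')!r} != Reply URL")
    if url not in [a.text for a in root.iterfind(".//saml:Audience", NS)]:
        problems.append("Audience does not contain the Identifier")
    values = [v.text for a in root.iterfind(".//saml:Attribute", NS)
              if a.get("Name") == COMMON_NAME
              for v in a.iterfind("saml:AttributeValue", NS)]
    if not any(values):
        problems.append("CommonName claim missing or empty")
    return problems
```

An empty list from `check_response(SAMPLE_B64, "blueorange")` means the Identifier, Reply URL and CommonName claim all match what was configured.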