SAML Configuration for Azure

This document is a step-by-step guide to setting up an Azure app as your IdP (identity provider) to allow SAML authentication.
 
1. Navigate to https://aad.portal.azure.com and click Enterprise Applications in the left-hand menu
 
 
2. Click new application:
 
 
3. Select non-gallery application
 
 
4. Enter a name for the Application and click add
 
 
5. Select set up single sign on
 
 
6. On the next screen select SAML
 
 
7. For the Identifier, enter any unique string. This value will be used again in step 16
 
 
8. This step and the next are performed in the Avanan portal. From the menu click Configuration → Settings, then click Configure SAML
 
 
9. In the Configure SAML window copy the SSO URL
 
 
10. Paste the URL copied in the previous step into the Reply URL field
 
 
11. Enter the URL for your Avanan portal in the sign-on URL field, then click save in the top-left corner of the window
 
 
12. Click the edit pencil in the User Attributes and Claims box
 
 
13. Set the unique user identifier to user.mail
 
Once the value is saved, click X in the top-right corner to close this window
 
 
14. Download the Federation Metadata XML File
 
 
15. Back in the Avanan portal Configure SAML window, upload the metadata file:
 
 
16. Check the "Are you running Azure AD" box. Under Azure AD entity ID, enter the Identifier you set in Azure in step 7, then click save
 
 
17. Back in the Azure portal, the next step is to assign users to this new application. Click Users and Groups from the menu and then click Add Users
 
 
18. Select the User or Group you want to grant access and click Assign
 
 
19. You should now be able to log in to the Avanan portal using the Login with SAML button
 