SAML SSO with Azure

This article explains how to configure Azure as SAML Provider for the Avanan MSP Portal.

  1. From your Azure portal menu, navigate to Enterprise Applications > New Application > Select Non-Gallery Application.

  2. Name the new application and click add.
    From the next screen, click Single Sign on in the menu and select SAML

  3. Click the edit icon next to Basic SAML configuration. You will need the ACS URL value which you can copy from the MSP portal under Settings > Configure SAML modal.

  4. Copy the two fields Identifier and Reply URL from the ACS URL value on the MSP portal to to the Basic SAML Configuration dialog in the Azure portal (see below).

  5. Click Save.

  6. Click the edit pencil in the User Attributes & Claims section. Click the Value field under required claim, and select user.mail as the Source attribute.

  7. Click Save.

  8. Your configuration should now look like this:

  9. Under SAML Signing Certificate, either download the metadata or copy the metadata URL (both options marked below).

  10. Based on your choice in the previous step, provide the metadata URL or upload the metadata file to the MSP portal Configure SAML modal. Make sure enable SAML is checked on the form.

  11. Click Save.

  12. Make sure to add users to the SAML Application in your Azure Portal.

  13. Enable SAML Login under User Authentication Methods for the relevant users.