Configure SSO using a Microsoft Entra enterprise application

You can configure single sign-on (SSO) for Cloud Rewind by using a Microsoft Entra enterprise application.

Note

Microsoft Entra supports up to 150 user groups for each SAML token. If a user belongs to more than 150 user groups when Microsoft Entra issues the SAML token, the user might experience unpredictable results. For more information, see Configure group claims for applications by using Microsoft Entra ID.

Create the enterprise application in Microsoft Entra

  1. Go to the Microsoft Entra admin center.

  2. From the navigation pane, go to Applications > Enterprise applications.

  3. Click + New application.

  4. Under Browse Microsoft Entra Gallery, click + Create your own application.

  5. Enter a name for the application.

  6. Select Integrate any other application you don't find in the gallery (Non-gallery).

  7. Click Create.

  8. Under the Getting Started section, assign the users and user groups that you want to have access to the Cloud Rewind application.

  9. From the navigation pane, go to Single sign-on, and then click the SAML tile.

  10. In the upper-right corner of the Basic SAML Configuration section, click Edit.

  11. For Identifier (Entity ID), enter the entity ID from your Cloud Rewind SAML configuration.

  12. For Reply URL (ACS URL), enter the ACS ID from Cloud Rewind.

  13. In the upper-right corner of the Attributes & Claims section, click + Add a new claim.

  14. For Name, enter the claim name as email.

  15. For Source type, enter Attribute.

  16. For Source attribute, enter user.mail.

  17. Click Save.

  18. Download the certificate (Base64), open the certificate, and then copy the value.

Configure identity provider details

  1. In the Cloud Rewind navigation pane, click IAM, and then click Authentication.

  2. In the SAML tile, click Enable.

  3. Enable the Enable single-sign-on toggle key.

  4. Copy the following values from Microsoft Entra, and then paste them in Cloud Rewind:

    • Entity ID

    • ACS URL

    • Certificate

  5. For Default role assignment, select the role to apply to new users automatically upon their first login.

    Note

    This configuration does not change roles for existing users.

  6. To allow users managed by Cloud Rewind to log in to the console using their Cloud Rewind credentials, enable the Grant access using Cloud Rewind credentials toggle key.

  7. On the Microsoft Entra SAML configuration page, click Test to verify that SSO works.
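One way to check the result of the Test step, added here as an example (not Cloud Rewind or Microsoft code): decode the Base64 SAMLResponse form field that the browser posts to the ACS URL, confirm that the email claim from steps 14 to 16 is present, and count group values against the 150-group limit. The group claim name is the Microsoft Entra default and appears only if a group claim is configured; the sample response is constructed and unsigned.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Entra's default group claim name; only present if a group claim is configured.
GROUPS_CLAIM = "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups"
GROUP_LIMIT = 150  # per-SAML-token group limit from the note on this page

def attributes(saml_response_b64):
    """Decode a Base64 SAMLResponse and return {attribute name: [values]}."""
    # Parse only responses you captured yourself; this does not verify signatures.
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    found = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [v.text or "" for v in attr.findall("saml:AttributeValue", NS)]
        found.setdefault(attr.get("Name"), []).extend(values)
    return found

def check_claims(saml_response_b64):
    """Return a list of configuration problems; an empty list means none found."""
    attrs = attributes(saml_response_b64)
    problems = []
    emails = [e.strip() for e in attrs.get("email", []) if e.strip()]
    if not emails:
        problems.append("claim 'email' is missing or empty (check user.mail)")
    elif len(emails) > 1:
        problems.append("claim 'email' carries more than one value")
    groups = attrs.get(GROUPS_CLAIM, [])
    if len(groups) >= GROUP_LIMIT:
        problems.append(f"{len(groups)} groups: no headroom under the {GROUP_LIMIT}-group limit")
    return problems

def build_sample(email, group_count):
    """Constructed, unsigned sample SAMLResponse (not real Entra output)."""
    def attr(name, values):
        body = "".join(f"<saml:AttributeValue>{v}</saml:AttributeValue>" for v in values)
        return f'<saml:Attribute Name="{name}">{body}</saml:Attribute>'
    parts = [attr(GROUPS_CLAIM, [f"group-{i}" for i in range(group_count)])]
    if email is not None:
        parts.append(attr("email", [email]))
    xml = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>'
           f'<saml:AttributeStatement>{"".join(parts)}</saml:AttributeStatement>'
           '</saml:Assertion></samlp:Response>')
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    for email, n in [("user@example.com", 3), (None, 3), ("user@example.com", 150)]:
        print(email, n, check_claims(build_sample(email, n)) or "ok")
```

An empty list from check_claims means the claim mapping looks as configured; it says nothing about the signature, which the service provider validates against the certificate from step 18.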
