Azure AD SSO

Follow these steps to add Azure as the SAML SSO provider for your workspace:

  1. Open Buddy SSO settings in one browser tab.
  2. In another tab, sign in to Azure and open Azure Active Directory:

  1. From the left navigation, select Enterprise Applications:

  1. Click the +New application button:

  1. Click +Create your own application, define the app name, and click Create:

  1. Go to Single sign-on and select SAML:

  1. Edit the Basic SAML Configuration:

  1. Fill in the application details with the data copied from Buddy SSO configuration:

    • Reply URL (Assertion Consumer Service URL) → ACS / SP Assertion Consumer Service / Single Sign-On from Buddy
    • Identifier (Entity ID) → SP Entity ID / Audience URI from Buddy
  2. Save the changes.
  3. Refresh Azure page
  4. Save the data required for SSO configuration in Buddy for later use: Login URL, Azure AD Identifier, and download the certificate.
  5. Go to Users and groups and assign users to the application according to your need:

To see the Azure SSO identifier in the People tab:

  1. In Azure, go to Single sign-on → Attributes & Claims
  2. Set the Unique User Identifier to user.mail:

  1. Return to Buddy's SSO settings tab and provide the information you copied from Azure:

    • SSO URL / SAML Endpoint / Identity Provider Single Sign-On URL → Login URL from Azure
    • Issuer → Azure AD Identifier from Azure
    • Certificate → upload the Azure certificate you downloaded
    • Signature / Digest Method → leave at Most popular
  2. Click Test configuration and enable SSO on success.
  3. Sign in to your Azure account to save the SSO configuration.

Last modified on May 8, 2023

Get Started

Sign up for free and deploy your project in less than 10 minutes.