Azure SAML

Follow these steps to add Azure as the SAML SSO provider for your workspace:

  1. Open Buddy SSO settings in one browser tab and switch to SAMLAzure.
  2. In another tab, sign in to Azure and open Microsoft Entra ID:

Image loading...

  1. From the left navigation, select Enterprise Applications:

Image loading...

  1. Click the +New application button:

Image loading...

  1. Click +Create your own application, define the app name, and click Create:

Image loading...

  1. Go to Single sign-on and select SAML:

Image loading...

  1. Edit the Basic SAML Configuration:

Image loading...

  1. Fill in the application details with the data copied from Buddy SSO configuration:

    • Identifier (Entity ID)
    • Reply URL (Assertion Consumer Service URL)
  2. Save the changes.
  3. Refresh Azure page
  4. Save the data required for SSO configuration in Buddy for later use: Login URL, Azure AD Identifier, and download the certificate.
  5. Go to Users and groups and assign users to the application according to your need:

Image loading...

Tip

To see the Azure SSO identifier in the People tab:

  1. In Azure, go to Single sign-on → Attributes & Claims
  2. Set the Unique User Identifier to user.mail:

Image loading...

  1. Return to Buddy's SSO settings tab and provide the information you copied from Azure:

    • Login URL
    • Azure AD Identifier
    • Certificate → upload the Azure certificate that you downloaded
    • Signature / Digest Method → leave at Most popular
  2. Click Test configuration and enable SSO on success.
  3. Sign in to your Azure account to save the SSO configuration.
Last update:
Sep 23, 2024