Azure AD

  1. Login to Azure AD with your existing account (azure.microsoft.com). If you don't have one, visit: https://azure.microsoft.com/en-us/

  2. Select "Portal" From the Menu Bar

  1. In Azure Active Directory, navigate to Enterprise Applications in the menu bar on the left and click "New Application".

2. Click on Non-gallery application.

A screenshot of a social media post

Description automatically generated

3. Enter your application name and click Add.

A screenshot of a cell phone

Description automatically generated

4. Click Set up single sign on.

A screenshot of a cell phone

Description automatically generated

5. Select SAML

A screenshot of a cell phone

Description automatically generated

6. Click the edit icon for Basic SAML Configuration.

A screenshot of a social media post

Description automatically generated

7. Enter {{your_domain}} for Identifier (Entity ID). Enter {{your_domain}}/api/v2/saml/authenticate for Reply URL (Assertion Consumer Service URL). Click Save.

A screenshot of a cell phone

Description automatically generated

8. Click the edit icon for User Attributes & Claims. Click on the line item for Claim name.

A screenshot of a cell phone

Description automatically generated

9. Make sure the name identifier format is Email Address, and Source attribute to user.mail. Press save, and navigate back to the application.

A screenshot of a cell phone

Description automatically generated

10. Copy the Login URL and Azure AD Identifier. These correspond to the Identity Provider Single Sign-On URL and Provider Issuer URL fields.

A screenshot of a social media post

Description automatically generated

11. Download the Federation Metadata XML and open the file in a text editor.

A screenshot of a cell phone

Description automatically generated

12. Copy the data inside the X509Certificate tag to use in Plextrac.

A close up of text on the side of a building

Description automatically generated

13. Put the data into Plextrac.

A screenshot of a cell phone

Description automatically generated

14. Users can now be authorized to authenticate with Azure SAML.