Azure SSO Setup

Step 1: Create a new enterprise application

Step 2: Choose SAML

Step 3: Enter Entity ID/Reply ID

Capacity IDP:

Reply URL

Step 4: Add User Attributes Claims

You can’t edit existing claims, so you will need to add new ones.

  1. Name: first_name Source attribute: user.givenname
  2. Name: last_name Source attribute: user.surname
  3. Name: email Source attribute: user.mail

Step 5: Delete claims we didn’t create just now

Step 6: Add appropriate users/groups

Step 7: Provide your customer success manager with the federation Metadata URL


Error AADSTS50105 - The signed in user is not assigned to a role for the application.

In this case, the user has not been granted access to the application in Azure AD. You can refer to step 7 above, or you can use this quick start guide from Microsoft to appropriately assign users.

For more details on this error, you can refer to this Microsoft help page

Was this article helpful?