Azure SSO Setup

Step 1: Create a new enterprise application




Step 2: Choose SAML



Step 3: Enter Entity ID/Reply ID

Capacity IDP: https://auth.capacity.com/

Reply URLhttps://auth.capacity.com/v1/sso/saml/acs



Step 4: Add User Attributes Claims

You can’t edit existing claims, so you will need to add new ones.

  1. Name: first_name Source attribute: user.givenname
  2. Name: last_name Source attribute: user.surname
  3. Name: email Source attribute: user.mail



Step 5: Delete claims we didn’t create just now


Step 6: Add appropriate users/groups



Step 7: Provide your customer success manager with the federation Metadata URL


Troubleshooting

Error AADSTS50105 - The signed in user is not assigned to a role for the application.


In this case, the user has not been granted access to the application in Azure AD. You can refer to step 7 above, or you can use this quick start guide from Microsoft to appropriately assign users.


For more details on this error, you can refer to this Microsoft help page



Was this article helpful?