Azure SSO Setup
Step 1: Create a new enterprise application
Step 2: Choose SAML
Step 3: Enter Entity ID/Reply URL
Entity ID (Capacity IDP): https://auth.capacity.com/
Reply URL: https://auth.capacity.com/v1/sso/saml/acs
Step 4: Add User Attributes Claims
You can’t edit existing claims, so you will need to add new ones.
| Name | Source Attribute |
|---|---|
| first_name | user.givenname |
| last_name | user.surname |
| email | user.mail |
Step 5: Delete claims we didn’t create just now
Step 6: Add appropriate users/groups
Please complete this step prior to sending your CSM the URL.
Step 7: Provide your customer success manager with the federation Metadata URL
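To confirm the configuration before handing over the metadata URL, the following added example (not Capacity's or Microsoft's code) checks a captured base64 SAMLResponse against the Entity ID, Reply URL and claim names from Steps 3 and 4. The function names and sample responses are constructed for illustration, and the check is diagnostic only: it does not verify the signature or validity window.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ENTITY_ID = "https://auth.capacity.com/"                  # Step 3 Entity ID
REPLY_URL = "https://auth.capacity.com/v1/sso/saml/acs"   # Step 3 Reply URL
REQUIRED_CLAIMS = ("first_name", "last_name", "email")    # Step 4 claim names

def check_saml_response(b64_response):
    """List configuration problems in a base64-encoded SAMLResponse.
    Diagnostic only: the signature and validity window are not verified."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    if root.get("Destination") != REPLY_URL:
        problems.append("Destination does not match the Reply URL")
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if ENTITY_ID not in audiences:
        problems.append("Audience does not match the Entity ID")
    claims = {}
    for attr in root.iterfind(".//saml:Attribute", NS):
        values = [v.text.strip() for v in attr.iterfind("saml:AttributeValue", NS) if v.text]
        claims[attr.get("Name")] = [v for v in values if v]
    for name in REQUIRED_CLAIMS:
        if not claims.get(name):
            problems.append(f"claim {name} is missing or empty")
    return problems

def build_sample(claims, audience=ENTITY_ID, destination=REPLY_URL):
    """Build a constructed, unsigned SAMLResponse for exercising the checker."""
    attrs = "".join(
        f'<saml:Attribute Name="{n}"><saml:AttributeValue>{v}</saml:AttributeValue></saml:Attribute>'
        for n, v in claims.items())
    xml = (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        f'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Destination="{destination}">'
        '<saml:Assertion><saml:Conditions><saml:AudienceRestriction>'
        f'<saml:Audience>{audience}</saml:Audience>'
        '</saml:AudienceRestriction></saml:Conditions>'
        f'<saml:AttributeStatement>{attrs}</saml:AttributeStatement>'
        '</saml:Assertion></samlp:Response>')
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    good = build_sample({"first_name": "Ada", "last_name": "Lovelace", "email": "ada@example.com"})
    bad = build_sample({"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": "Ada",
                        "last_name": "Lovelace"})  # default claim left in place, no email
    print(check_saml_response(good))
    print(check_saml_response(bad))
```

A missing email claim in the output usually means the user.mail attribute is empty for that user; a missing first_name with a namespaced givenname claim present means Step 4 was skipped for that attribute.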
Troubleshooting
Error AADSTS50105 - The signed in user is not assigned to a role for the application.
In this case, the user has not been granted access to the application in Azure AD. You can refer to Step 6 above (Add appropriate users/groups), or you can use this quick start guide from Microsoft to appropriately assign users.
For more details on this error, you can refer to this Microsoft help page.