Azure SSO Setup

Step 1: Create a new enterprise application

View full size

View full size

Step 2: Name and Create Application

View full size

Step 3: Choose SAML

View full size

Step 4: Enter Entity ID/Reply ID

Capacity IDP: https://auth.capacity.com/

Reply URL: https://auth.capacity.com/v1/sso/saml/acs

Step 5: Update User Attributes Claims

    
      
        
        View full size
      
    

• emailaddress
  • Name: email
  • Namespace: Blank

View full size

• surname
  • Name: last_name
  • Namespace: Blank

View full size

• givenname
  • Name: first_name
  • Namespace: Blank View full size

Step 6: Add appropriate users/groups

View full size

Step 7: Provide your customer success manager with the federation Metadata URL

View full size

Troubleshooting

Error AADSTS50105 - The signed in user is not assigned to a role for the application.

In this case, the user has not been granted access to the application in Azure AD. You can refer to step 7 above, or you can use this quick start guide from Microsoft to appropriately assign users.

For more details on this error, you can refer to this Microsoft help page.