Configuration of Microsoft Entra ID

Microsoft Entra ID can be used as identity provider. The following chapters describe how to configure Microsoft Entra ID for the Fabasoft Cloud.

Configure Your Microsoft Entra ID

To create an enterprise app, proceed as follows:

1. Open https://portal.azure.com/: new window and log in to an account with global administrator access.
2. On the left panel, click “Microsoft Entra ID”.
3. Click “Enterprise Applications”.
4. Click “New Application”.
5. Select “Non-gallery application” under the “Add your own app” section.
6. Type your desired application name then click “Add”.

Metadata

To configure single sign-on for the enterprise app, proceed as follows:

1. On the application overview page, click “Set up single sign-on”.
2. Select “SAML” from the single sign-on method list.
3. Upload the Fabasoft Cloud metadata file https://<server>/idp/saml/metadata (e.g. https://idp.cloud.fabasoft.com/idp/saml/metadata)  and click “Save”.
4. In the “SAML Signing Certificate” section, download the “Federation Metadata XML”.
5. In the “Set up <name>” section, note down the “Microsoft Entra Identifier”.

The XML file must be uploaded to your cloud organization (“Advanced Settings” > “Login Options” > “Active Directory / SAML 2.0” action).

Users

To configure users who should be able to log in, proceed as follows:

1. On the application overview page, click “Assign users and groups”.
2. Define the users who should be able to log in.