1. Go to https://portal.azure.com
2. From “All services”, search for and select the “Enterprise applications” service
3. Click “New application”
4. Select “Non-gallery application”
5. Give it a name and hit “Add”
6. Once it’s been created, go to “Single Sign On” and select SAML
7. Under Identifier (Entity ID), add the generic metadata URL (https://api-eu.perdoo.com/metadata/)
8. Under Reply URL (Assertion Consumer Service URL) add the Service Provider ACS URL from Perdoo and hit save
9. Copy the Login URL into the SSO URL field in Perdoo, and the Azure AD Identifier into the Perdoo Entity ID field.
10. From the Azure navigation menu on the left, go to User Attributes & Claims and, under Name identifier value > Source attribute, set user.mail.
11. Download the SAML Signing Certificate (Base64) and open it in a text editor. Then copy it into the Service Provider Certificate field in Perdoo. It should look something like this:
12. Finally, test the connection. You’ll need to add some users or groups under “Users and groups” first.
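
If the test in step 12 fails, comparing the decoded SAML response with the values entered in steps 7 to 10 usually shows which field is wrong. The following Python check is an added example, not part of the original guide or of Perdoo's or Microsoft's code; the ACS URL, tenant ID and sample response are constructed placeholders, and the check does not validate the response signature.

```python
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Values from the steps above; the ACS URL and tenant ID are constructed placeholders.
EXPECTED = {
    "issuer": "https://sts.windows.net/00000000-0000-0000-0000-000000000000/",  # step 9
    "audience": "https://api-eu.perdoo.com/metadata/",                          # step 7
    "recipient": "https://sp.example.invalid/acs/",                             # step 8
}

# Constructed sample of a base64-decoded SAML response (signature elements omitted).
SAMPLE = """<p:Response xmlns:p="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:a="urn:oasis:names:tc:SAML:2.0:assertion">
 <a:Assertion>
  <a:Issuer>https://sts.windows.net/00000000-0000-0000-0000-000000000000/</a:Issuer>
  <a:Subject>
   <a:NameID>jane@example.com</a:NameID>
   <a:SubjectConfirmation><a:SubjectConfirmationData Recipient="https://sp.example.invalid/acs/"/></a:SubjectConfirmation>
  </a:Subject>
  <a:Conditions><a:AudienceRestriction><a:Audience>https://api-eu.perdoo.com/metadata/</a:Audience></a:AudienceRestriction></a:Conditions>
 </a:Assertion>
</p:Response>"""

def check_response(xml_text, expected=EXPECTED):
    """Return a list of mismatches between a decoded SAML response and the SSO settings."""
    # Debugging aid for your own captured test response only: no signature validation here.
    root = ET.fromstring(xml_text)
    def text(path):
        node = root.find(path, NS)
        return (node.text or "").strip() if node is not None else None
    scd = root.find("a:Assertion/a:Subject/a:SubjectConfirmation/a:SubjectConfirmationData", NS)
    found = {
        "issuer": text("a:Assertion/a:Issuer"),
        "audience": text("a:Assertion/a:Conditions/a:AudienceRestriction/a:Audience"),
        "recipient": scd.get("Recipient") if scd is not None else None,
    }
    problems = [f"{k}: expected {expected[k]!r}, got {v!r}" for k, v in found.items() if v != expected[k]]
    name_id = text("a:Assertion/a:Subject/a:NameID")  # step 10: should carry user.mail
    if not name_id or "@" not in name_id:
        problems.append(f"NameID is not an e-mail address: {name_id!r}")
    return problems
```

An empty list means the issuer, audience, recipient and NameID match the configured values; each entry otherwise names the field to recheck in Azure or Perdoo.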