Skip to main content
azure-ad

Prerequisites

  • Administrator access to the Azure Portal
  • Your Datazone instance domain (e.g., app.datazone.co)

Configuration Steps

1. Access Azure Portal

Log into the Azure Portal with administrator privileges.

2. Create a New Enterprise Application

Navigate to Enterprise applications and click New application.
saml-azure-1

3. Create Custom Application

Select Create your own application, provide a name (e.g., “Datazone SSO”), and choose Integrate any other application you don’t find in the gallery (Non-gallery).
saml-azure-2

4. Configure SAML Sign-On

In the application overview, go to Single sign-on and select SAML as the sign-on method.
saml-azure-3

5. Configure Basic SAML Settings

In the Basic SAML Configuration section, click Edit and set the following parameters:
  • Identifier (Entity ID): https://YOUR_DATAZONE_DOMAIN/api/v1/auth/saml/acs
  • Reply URL (Assertion Consumer Service URL): https://YOUR_DATAZONE_DOMAIN/api/v1/auth/saml/acs
Replace YOUR_DATAZONE_DOMAIN with your actual Datazone instance domain.
Save the configuration.

6. Collect Azure AD Configuration Details

From the SAML Signing Certificate section, gather the following information:
  • Login URL: Found in the SAML configuration
  • Azure AD Identifier: Found in the SAML configuration
  • Certificate (Base64): Download the certificate
saml-azure-4

7. Configure User Attributes (Optional)

You can assign users or groups to the application in the Users and groups section. Ensure that the email attribute is mapped correctly for user identification.
saml-azure-5

8. Enter Configuration in Datazone

Finally, enter the collected information into the Datazone SAML configuration settings as described in the SAML Overview guide:
  • Entity ID (Issuer): Use the Azure AD Identifier from Azure
  • SSO URL: Use the Login URL from Azure
  • Certificate: Upload the downloaded Certificate (Base64)
saml-azure-6

Testing Your Configuration

After completing the setup:
  1. Navigate to your Datazone login page
  2. Click on the SSO/SAML login option
  3. You should be redirected to Microsoft for authentication
  4. Upon successful authentication, you’ll be redirected back to Datazone
If you encounter any issues during setup, refer to the SAML troubleshooting guide or contact support at [email protected]