SAML Toolkit for Azure AD
This is a sample SAML application created for Azure AD customers to test the SSO integration.
Testing steps
Please follow the steps below to test the integration with Azure AD. Note that we are still building this tool and it is in Alpha stage right now.
Step 1: Register a user matching your Azure AD user
Click on the top right corner and create a username that matches your Azure AD user's email address. User matching takes place when you test the SSO integration, so the same user must exist in the tool.
Step 2: Create SAML Configuration
Log in with your username and password on this site. Once you are logged in, you can see the SAML SSO configuration option on the top navigation bar.
Create the SAML configuration, which asks for the Azure AD Login URL, Azure AD Identifier, Logout URL and RAW Certificate.
- To get these values, log in to the Azure AD Portal with the Enterprise App Admin role and add the "Azure AD SAML Toolkit" application from the Azure AD app gallery.
- Enable SAML single sign-on for this application. You can now see these Azure AD specific values in section 4 on the page.
- Download the RAW Certificate from section 3 of the single sign-on page.
- Save this configuration. You can now see the SP initiated SSO URL in the SAML Configuration of the app.
Step 3: Configure Azure AD for Single sign-on
- In Azure AD you will be asked to enter the Sign on URL, which you can copy from the table on the SAML Configuration details page.
- Copy the Entity ID and make sure that the Identifier value in Azure AD matches this value.
- Copy the Assertion Consumer Service URL from the application page and paste it into the Reply URL textbox on the Azure AD page.
- Save the configuration.
Step 4: Assign the application to users and test
Please perform the testing in a browser InPrivate window so that you can test the entire flow end to end.
- Open a new InPrivate browser window.
- Assign the application to the required users and groups in Azure AD. To do that, click on the Users and Groups page and select the required users and groups. Click on the Assign button so that they can use this app.
- Now log in to the Microsoft Access Panel using this link: https://myapps.microsoft.com
- Search for the Azure AD SAML Toolkit application which you have added and click on it. This will take you to the page from where you can invoke the SP initiated SSO.
- Click on the Login button and you can see that the user is now logged in directly to the SAML Toolkit application.
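If the test login fails, the usual cause is a mismatch between the values entered in Steps 1 to 3. The following is an added example, not part of the toolkit or of the original page: it takes a decoded SAML Response captured during the test and compares it with the saved settings. The function name, the settings keys and all sample URLs and addresses are assumptions made for illustration, and the check does not verify the response signature.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def check_response(xml_text, cfg, registered_users):
    """List mismatches between a decoded SAML Response and the toolkit settings.
    Troubleshooting aid only: the signature is NOT verified here."""
    root = ET.fromstring(xml_text)
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return ["no plaintext Assertion element in the response"]

    def text(path):
        node = assertion.find(path, NS)
        return (node.text or "").strip() if node is not None else ""

    problems = []
    # Step 2: Issuer must be the Azure AD Identifier saved in the SAML configuration.
    if text("saml:Issuer") != cfg["idp_identifier"]:
        problems.append("Issuer != Azure AD Identifier")
    # Step 3: Audience must equal the Entity ID entered as Identifier in Azure AD.
    if text("saml:Conditions/saml:AudienceRestriction/saml:Audience") != cfg["entity_id"]:
        problems.append("Audience != Entity ID")
    # Step 3: Destination must be the Assertion Consumer Service (Reply) URL.
    if root.get("Destination") != cfg["acs_url"]:
        problems.append("Destination != Reply URL")
    # Step 1: NameID must match a registered user (assumption: case-insensitive).
    name_id = text("saml:Subject/saml:NameID")
    if name_id.casefold() not in {u.casefold() for u in registered_users}:
        problems.append("NameID not registered: " + name_id)
    return problems

# Constructed sample values; every URL and address below is a placeholder.
CFG = {"idp_identifier": "https://idp.example/TENANT-PLACEHOLDER/",
       "entity_id": "https://toolkit.example/sp",
       "acs_url": "https://toolkit.example/acs"}
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
 Destination="https://toolkit.example/acs"><saml:Assertion>
 <saml:Issuer>https://idp.example/TENANT-PLACEHOLDER/</saml:Issuer>
 <saml:Subject><saml:NameID>Alice@contoso.example</saml:NameID></saml:Subject>
 <saml:Conditions><saml:AudienceRestriction>
  <saml:Audience>https://toolkit.example/sp</saml:Audience>
 </saml:AudienceRestriction></saml:Conditions>
</saml:Assertion></samlp:Response>"""

if __name__ == "__main__":
    print(check_response(SAMPLE, CFG, ["alice@contoso.example"]) or "all values match")
```

An empty result means the Issuer, Audience, Destination and NameID all line up with the configuration; each returned string names the step whose value should be rechecked.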