Setup SSO with Azure

1. Configure Single Sign-On (SSO) with Azure

Open your Azure Active Directory and select Enterprise applications.
Add a new application by clicking the + New application button.
Choose + Create your own application, enter the name of the application and choose Integrate any other application you don't find in the gallery (Non-gallery).
After the application has been created, you can set up single sign-on by choosing “Set up single sign-on” in the Getting Started section.
For Single Sign-on mode, select SAML based Sign-on
Follow the steps on the SSO with SAML screen. Azure AD has a detailed configuration guide at the top of the page for further guidance.
Step 1 - Basic SAML Configuration:
Click Edit in the dropdown menu and enter the following SAML Provider details from Mailtrap into Azure (Mailtrap field = Azure field):
  • Entity ID = Identifier (Entity ID)
  • Assertion Consumer Service URL = Reply URL (Assertion Consumer Service URL)
  • Single Logout Service URL = Logout Url
Step 2 - User Attributes and Claims:
In the User Identifier field, enter user.mail.
Step 3 - Click Edit, choose SHA-1 Signing Algorithm, and click Save.
Now you can download Certificate (Base64), open it in any editor, and paste its content into the Mailtrap X509 Certificate field.
Step 4 - You’ll need to provide the following to Mailtrap from Azure:
  • IdP Entity ID (Identity Provider Issuer) = Azure AD Identifier
  • Single Sign-on URL = Login URL
  • Optional: Single Logout Service (SLO) URL = Logout URL
Now you can save your SAML configuration on Mailtrap.
With that, the SAML configuration is complete, and you need to add users or groups to your application in Azure:
  1. Click Users and groups on the left sidebar
  2. Click on +Add User -> Users and Groups
  3. Select all users you want to add to the application and click Select.
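
Before pasting the certificate from Step 3 into the X509 Certificate field, it helps to confirm that the file really is the Base64 (PEM) download and is not about to expire. The script below is an added example, not part of Mailtrap's or Azure's documentation; the function names and the 30-day threshold are assumptions, and the sample certificate is a constructed self-signed one.

```shell
#!/bin/sh
# Added example: sanity-check the certificate downloaded from Azure before
# pasting it into the X509 Certificate field. Function names are hypothetical.

# check_idp_cert FILE [MIN_DAYS]
#   0 = PEM certificate, valid for more than MIN_DAYS days (default 30)
#   1 = parses, but expires within MIN_DAYS days (or has already expired)
#   2 = not a single Base64 (PEM) X.509 certificate
check_idp_cert() {
    cert=$1
    min_days=${2:-30}

    # "Certificate (Base64)" is PEM; the Raw download is DER and has no header.
    count=$(grep -c -e '-----BEGIN CERTIFICATE-----' "$cert" 2>/dev/null) || count=0
    if [ "$count" -ne 1 ]; then
        echo "expected exactly one PEM certificate in $cert, found $count" >&2
        return 2
    fi
    if ! openssl x509 -in "$cert" -noout 2>/dev/null; then
        echo "cannot parse $cert as X.509" >&2
        return 2
    fi

    # -checkend exits non-zero if the certificate expires within N seconds.
    if ! openssl x509 -in "$cert" -noout -checkend $((min_days * 86400)) >/dev/null; then
        echo "certificate in $cert expires within $min_days days" >&2
        return 1
    fi

    # Print subject, expiry and fingerprint to keep with the change record.
    openssl x509 -in "$cert" -noout -subject -enddate -fingerprint -sha256
}

# Constructed sample input: make_sample_cert FILE DAYS writes a throwaway
# self-signed certificate valid for DAYS days (its key goes to FILE.key).
make_sample_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days "$2" \
        -subj "/CN=constructed-idp-signing" \
        -keyout "$1.key" -out "$1" 2>/dev/null
}
```

Run `check_idp_cert` on the downloaded file; a return code of 1 means the signing certificate should be renewed in Azure before it is configured in Mailtrap.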

Permissions

By default, we create users with no permissions. If you want a user to be automatically assigned the Account Admin or Account Viewer role, you need to set up the role mapping.
Mailtrap: In the following example, we assign the roles depending on the title attribute value:
Azure: Edit Attributes & Claims
Add title:
Don’t forget to save.