Reputation: 53
Azure custom application SSO using SAML and azure active directory
I’m kind of new to azure active directory. What I'm trying to achieve is: I have a .net core application (backend api) which will be called using an angular application. My requirement is to authenticate and enable single sign on using azure active directory.
With some time spent, I came to know that there are 2 ways to do this,
- Using OpenID Connect
- Using SAML
I would like to do using SAML. I tried implementing SAML SSO as follows:
- I registered one application under Active directory which redirects to my angular application. I also read that, any application we are registering in App registrations will use OpenID by default and there is no UI available to make it as SAML but we can do the same using manifest.
- We can register application using Enterprise applications to enable SAML
My question is,
- Is there a way we can authenticate and enable SSO in my application registered using App registrations?
- What options I should choose to enable SAML SSO while registering enterprise application? If I select my registered application in enterprise application it gives me the following:
The single sign-on configuration is not available for this application in the Enterprise applications experience. localhost was created using the App registrations experience.
Please go to localhost in the App registrations experience to edit properties such as reply URLs, identifiers, claims, among others. Your account should have the required permissions (Global Administrator, Cloud Application Administrator, Application Administrator, or owner of the app object).
- What will be the code changes in my angular and .net core application?
Any reference would be very helpful.
TIA
Upvotes: 4
Views: 5159
Answers (2)
Reputation: 15906
I agree with Marilee's, her answer has provided some related documents on how to create an enterprise app and how to enable SSO with the app.
What I wanna add is that I think you need to figure out which app you are willing to connect together with SSO, I mean that you just said 'an angular application', so there's only one app, how does it relate to SSO ? And if you just need to sign in both frontend app and backend app, this document may help.
Wish you could solve it soon, and if you met more questions, pls add details.
Upvotes: 0
Reputation: 7728
You can't do it from App Registrations but you can do it from the Enterprise Application experience. To set up SAML SSO you need to go to the application > Manage > Single Sign-On > Select SAML. The Quickstart goes through all of the steps for setting up SAML SSO from Enterprise Applications.
For Basic SAML configuration values, see Configure SAML Single Sign-On.
You can use the SAML toolkit and accompanying samples to test the SAML single sign-on integration with Azure AD
Upvotes: 1
Related Questions
- Incorporate WebForms Application with Azure AD for SAML based SSO authentication
- SSO Setup for a Saas Application
- SAML Azure AD SSO setup for PHP web application
- How to add an application to Azure AD with SSO option SAML
- Can I configure the SSO SAML with an App Registration (not Enterprise Application)?
- Azure AD SSO with SAML Signing Certificate
- Azure Active Directory SSO with Asp.net Webforms
- Custom SSO With Azure Active Directory
- SAML : How to implement SSO (Single sign on ) for an web application
- How to implement SSO using SAML in the existing ASP.net application