Skip to main content
How to set up SSO in Microsoft Azure

Set up Single Sign On in Microsoft Azure to allow admin users and end users to easily login to the usecure platform and End User Portal.

Courtney Leacock avatar
Written by Courtney Leacock
Updated over a week ago

In this article, you'll learn:


Setting up SSO in Microsoft Azure is a three-step process. Here's how you can enable SSO for your Microsoft users.

How to get system provider credentials for the usecure platform

  1. Log into the platform and go to Settings > SSO

  2. Toggle SSO Enabled on

  3. Scroll down to the SAML section and copy the Assertion Consumer Service (ACS) URL and Entity ID. You’ll need these to set up the SAML app in Microsoft Azure.

How to set up up SAML in Microsoft Azure

  1. Open Azure Portal and search for “Enterprise Applications”. Pick the option that appears under Services.

  2. Click New Application

  3. Click Create your own application

  4. Enter a name for your app, and select “Integrate any other application you don't find in the gallery (Non-gallery)” under “What are you looking to do with your application?” Then click Create

  5. Once the application has been created you will be taken to the overview page for your new application. Click Set up single sign on

  6. Click SAML

  7. Click Edit on Basic SAML Configuration

  8. You’ll need to paste the ACS URL and Entity ID values you copied from the platform into the Reply URL and Identifier fields on this form respectively. Leave all the other fields blank and click Save.


  9. Scroll down to the SAML Certificates section and click Download on the Certificate (Base64) option

  10. Scroll down to Set up… section and copy the Login URL value

    Please note that the test utility on this page will not work with the platform. You’ll need to confirm that SAML SSO is working by logging in via the platform after you’ve finished the set up process.

  11. Next you’ll need to configure access to this app to specify who can use SAML SSO in the platform.


    The simplest option is to enable this application for all users by disabling the requirement for assignment to this app.

    Select Properties from the sidebar, set “Assignment required?” to No and click Save.

    This will allow anyone on your M365/AD tenant to login via SAML SSO as follows:
    Admin Console - Must have an admin user account in the platform

    End User Portal - Must have an end user account in the platform

    You can restrict access by assigning specific groups if you wish using the Users and Groups option in the sidebar. This will prevent admin users and end users who are not assigned to the app from using SAML SSO to log into the platform.

How to set the Identity Provider Credentials in the usecure platform

  1. Go back to the usecure platform SSO settings page and scroll down to the SAML section.


  2. You’ll need the identity provider details you copied/downloaded during the creation of your Google SAML app.

    Paste the Login URL into the SAML Entry Point (Identity Provider SSO URL) field.

    Drag & drop the Certificate (Base64) you downloaded into the SAML Signing Certificate (Public x509 Certificate) field. You can also copy & paste the text or manually upload the file if you wish.

  3. Expand the Advanced Options section and turn on the option for Disable RequestedAuthnContext

  4. Click Save to finish the SAML set up process.


Next steps

Did this answer your question?