Skip to content
AuthAction Documentation

Microsoft Azure AD Enterprise Connection

Microsoft Entra ID (formerly Azure AD) can federate users to AuthAction using SAML.

ACS URL

Section titled “ACS URL”

In the enterprise application’s SAML configuration, set the Reply URL (Assertion Consumer Service URL) to:

https://<tenant-name>.<region>.authaction.com/oauth2/saml/callback

Set the Identifier (Entity ID) to your AuthAction tenant URL.

Fields to copy into AuthAction

Section titled “Fields to copy into AuthAction”
Field in AuthActionWhere to find
IdP SSO URLAzure Portal > Enterprise applications > your app > Single sign-on > Login URL
Entity ID / IssuerSame page > Azure AD Identifier

Step 1: Create an enterprise application

Section titled “Step 1: Create an enterprise application”
  1. In Azure Portal, go to Microsoft Entra ID > Enterprise applications.
  2. Click New application > Create your own application.
  3. Choose Integrate any other application you don’t find in the gallery (Non-gallery).
  4. Open Single sign-on and select SAML.
  5. Edit Basic SAML Configuration:
    • Reply URL: your AuthAction ACS URL.
    • Identifier: your AuthAction tenant URL.
  6. Ensure User Attributes include a name identifier suitable for your app (often email).

Step 2: Configure Azure AD in AuthAction

Section titled “Step 2: Configure Azure AD in AuthAction”
  1. In AuthAction, go to Connections > Enterprise Connections.
  2. Select Microsoft Azure AD (or the equivalent label in the dashboard).
  3. Enter Login URL as the IdP SSO URL and Azure AD Identifier as the Entity ID / Issuer.
  4. Add the Signing Certificate from Azure’s SAML metadata if needed.
  5. Save.

Step 3: Assign users and test

Section titled “Step 3: Assign users and test”

Assign users or groups to the enterprise application in Azure, enable the connection in AuthAction for your apps, and verify sign-in.

Section titled “Related”