In this article, you use the Microsoft Entra admin center to enable single sign-on (SSO) for an enterprise application that you added to your Microsoft Entra tenant. After you configure SSO, your users can sign in by using their Microsoft Entra credentials.
Microsoft Entra ID has a gallery that contains thousands of preintegrated applications that use SSO. This article uses an enterprise application named Microsoft Entra SAML Toolkit 1 as an example, but the concepts apply for most preconfigured enterprise applications in the Microsoft Entra application gallery.
It's recommended that you use a nonproduction environment to test the steps in this article.
Prerequisites
To configure SSO, you need:
A Microsoft Entra user account. If you don't already have one, you can Create an account for free.
One of the following roles: Global Administrator, Cloud Application Administrator, Application Administrator, or owner of the service principal.
Completion of the steps in Quickstart: Create and assign a user account.
Steps in this article might vary slightly based on the portal you start from.
To enable SSO for an application:
Sign in to the Microsoft Entra admin center as at least a Cloud Application Administrator.
Browse to Identity > Applications > Enterprise applications > All applications.
Enter the name of the existing application in the search box, and then select the application from the search results. For example, Microsoft Entra SAML Toolkit 1.
In the Manage section of the left menu, select Single sign-on to open the Single sign-on pane for editing.
Select SAML to open the SSO configuration page. After the application is configured, users can sign in to it by using their credentials from the Microsoft Entra tenant.
The process of configuring an application to use Microsoft Entra ID for SAML-based SSO varies depending on the application. For any of the enterprise applications in the gallery, use the configuration guide link to find information about the steps needed to configure the application. The steps for the Microsoft Entra SAML Toolkit 1 are listed in this article.
In the Set up Microsoft Entra SAML Toolkit 1 section, record the values of the Login URL, Microsoft Entra Identifier, and Logout URL properties to be used later.
Configure single sign-on in the tenant
You add sign-in and reply URL values, and you download a certificate to begin the configuration of SSO in Microsoft Entra ID.
To configure SSO in Microsoft Entra ID:
In the Microsoft Entra admin center, select Edit in the Basic SAML Configuration section on the Set up Single Sign-On with SAML pane.
For Reply URL (Assertion Consumer Service URL), enter https://samltoolkit.azurewebsites.net/SAML/Consume.
For Sign on URL, enter https://samltoolkit.azurewebsites.net/.
Select Save.
In the SAML Certificates section, select Download for Certificate (Raw) to download the SAML signing certificate and save it to be used later.
Configure single sign-on in the application
Using single sign-on in the application requires you to register the user account with the application and to add the SAML configuration values that you previously recorded.
Register the user account
To register a user account with the application:
Open a new browser window and browse to the sign-in URL for the application. For the Microsoft Entra SAML Toolkit application, the address is https://samltoolkit.azurewebsites.net.
Select Register in the upper right corner of the page.
For Email, enter the email address of the user that can access the application. Ensure that the user account is already assigned to the application.
Enter a Password and confirm it.
Select Register.
Configure SAML settings
To configure SAML settings for the application:
On the application's sign-in page, sign in with the credentials of the user account that you already assigned to the application, select SAML Configuration at the upper-left corner of the page.
Select Create in the middle of the page.
For Login URL, Microsoft Entra Identifier, and Logout URL, enter the values that you recorded earlier.
Select Choose file to upload the certificate that you previously downloaded.
Select Create.
Copy the values of the SP Initiated Login URL and the Assertion Consumer Service (ACS) URL to be used later.
Update single sign-on values
Use the values that you recorded for SP Initiated Login URL and Assertion Consumer Service (ACS) URL to update the single sign-on values in your tenant.
To update the single sign-on values:
In the Microsoft Entra admin center, select Edit in the Basic SAML Configuration section on the Set up single sign-on pane.
For Reply URL (Assertion Consumer Service URL), enter the Assertion Consumer Service (ACS) URL value that you previously recorded.
For Sign on URL, enter the SP Initiated Login URL value that you previously recorded.
Select Save.
Test single sign-on
You can test the single sign-on configuration from the Set up single sign-on pane.
To test SSO:
In the Test single sign-on with Microsoft Entra SAML Toolkit 1 section, on the Set up single sign-on with SAML pane, select Test.
Sign in to the application using the Microsoft Entra credentials of the user account that you assigned to the application.
Navigate to Applications → Application Integration and click Create New Application. Select the desired application for which you want to configure SSO. In the General Settings tab, enter the Application Name and Description, if necessary.
Navigate to Applications → Application Integration and click Create New Application. Select the desired application for which you want to configure SSO. In the General Settings tab, enter the Application Name and Description, if necessary.
App developers can use Microsoft Entra ID as a standards-based authentication provider that helps them add single sign-on (SSO) to apps that works with a user's existing credentials. Developers can also use Microsoft Entra APIs to build personalized experiences using organizational data.
Single Sign-On (SSO) is enabled by default for all integrations, however, it can be configured so that SSO is disabled. To confirm if SSO is disabled, you can review the integration in the TVE Dashboard.
Single sign-on (SSO) is an identification method that enables users to log in to multiple applications and websites with one set of credentials. SSO streamlines the authentication process for users.
The Microsoft Entra ID page appears. From the left navigation pane, click App registrations and select Owned Applications tab.Click the application name under the Display name column. You can view the Client ID, Tenant ID, Client Credentials and other details.
Sign in to the Microsoft Entra admin center as at least a Global Reader.Browse to Identity > Overview > Properties.Scroll down to the Tenant ID section and you can find your tenant ID in the box.
With SSO, meaning Single Sign-On, after you're logged in via the SSO solution, you can access all company-approved applications and websites without having to log in again. That includes cloud applications as well as on-prem applications, often available through an SSO portal (also called a login portal).
Single sign-on (SSO) is a technology which combines several different application login screens into one. With SSO, a user only has to enter their login credentials (username, password, etc.) one time on a single page to access all of their SaaS applications.
This article explains the process of configuring single sign-on (SSO) for Windows 365 by using Microsoft Entra authentication. When you enable SSO, you can use passwordless authentication and third-party Identity Providers that federate with Microsoft Entra ID to sign in to your Cloud PC.
In the navigation menu, click Advanced and then click Security. In the Sign-in Methods section, enable the Automatically sign in to Outlook add-in with Single Sign-On (SSO) credentials option.
Whenever a user signs in to an SSO service, the service creates an authentication token that remembers that the user is verified. An authentication token is a piece of digital information stored either in the user's browser or within the SSO service's servers, like a temporary ID card issued to the user.
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a username and password -- to access multiple applications. SSO is used by organizations of all sizes and individuals to ease the management of multiple credentials.
Introduction: My name is Wyatt Volkman LLD, I am a handsome, rich, comfortable, lively, zealous, graceful, gifted person who loves writing and wants to share my knowledge and understanding with you.
We notice you're using an ad blocker
Without advertising income, we can't keep making this site awesome for you.
