Azure AD SAML

Configure Azure AD SAML in Zluri

To enable clients to log in to Zluri through Azure AD, you'll need to set up SAML.

Configuration steps

Select domains allowed for SSO in Zluri

In Zluri, navigate to Settings → SSO and select the domains allowed for SSO login. Click Save when done.

If your domain is not listed, you can add it from Settings → Directory Management.

Obtain ACS URL and Entity ID

  1. Navigate to Zluri's SSO Settings, scroll down, and click SAML.

  2. Note down the ACS URL and Entity ID. These will be needed in the next steps.

Configure SAML in Azure AD

  1. Log in to Azure AD and select Microsoft Entra ID in the left sidebar.

  2. Select Enterprise applications.

  3. Click ➕ New application.

  4. Select ➕ Create your own application.

  5. Give the application a name, select Integrate any other application you don't find in the gallery, and click Create.

  6. Under Getting Started, select Set up single sign on.

  7. Select SAML.

  8. Click ✏️ Edit.

  9. Refer to the Entity ID & ACS URL obtained earlier from the Zluri dashboard and enter them under Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL) respectively.

  10. Under Attributes & Claims, click ✏️ Edit.

  11. Fill out the required fields:

     1. givenname = user.givenname
     2. surname = user.surname
     3. name = user.userprincipalname
     4. emailaddress = user.userprincipalname
     5. Unique User identifier = user.mail

  12. Download the Certificate (Base 64) and copy the Login URL.

  13. The last step is to add users and user groups to the Zluri application.

Then click 'Test connection' to try logging in with your Azure AD credentials. If the login succeeds, the configuration is working. The next time any user in your organization tries to log in, they will be redirected to the Azure AD login page.
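To confirm the settings from the steps above after a test login, the following added example (not Zluri or Microsoft code) decodes the base64 SAMLResponse that the browser posts to the ACS URL and compares it with the Entity ID, ACS URL, allowed SSO domains and claims configured earlier. The function names, placeholder URLs and sample response are constructed for illustration; it assumes Azure AD's default claim namespace and an unencrypted assertion.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"a": "urn:oasis:names:tc:SAML:2.0:assertion"}
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"  # assumed default
REQUIRED = ("givenname", "surname", "name", "emailaddress")  # claims from step 11

def check_response(b64_response, entity_id, acs_url, allowed_domains):
    """List configuration problems in one base64 SAMLResponse (no signature check)."""
    root = ET.fromstring(base64.b64decode(b64_response))
    assertion = root.find("a:Assertion", NS)
    if assertion is None:
        return ["no unencrypted Assertion in response"]
    problems = []
    if assertion.findtext(".//a:Audience", "", NS).strip() != entity_id:
        problems.append("Audience does not match Entity ID")
    data = assertion.find(".//a:SubjectConfirmationData", NS)
    if data is None or data.get("Recipient") != acs_url:
        problems.append("Recipient does not match ACS URL")
    # Assumption: the NameID (Unique User identifier) must be in an allowed SSO domain.
    name_id = assertion.findtext(".//a:NameID", "", NS).strip()
    user, at, domain = name_id.rpartition("@")
    if not (user and at) or domain.lower() not in allowed_domains:
        problems.append("NameID is not an address in an allowed SSO domain")
    present = {a.get("Name") for a in assertion.iterfind(".//a:Attribute", NS)
               if a.findtext("a:AttributeValue", "", NS).strip()}
    problems += [f"missing or empty claim: {c}" for c in REQUIRED
                 if CLAIMS + c not in present]
    return problems

# Constructed sample data: placeholder URLs, not real Zluri or Azure AD values.
ENTITY_ID, ACS_URL = "https://sp.example/entity", "https://sp.example/acs"
TEMPLATE = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
            'xmlns="urn:oasis:names:tc:SAML:2.0:assertion"><Assertion><Subject>'
            '<NameID>{name_id}</NameID><SubjectConfirmation>'
            '<SubjectConfirmationData Recipient="{acs}"/></SubjectConfirmation></Subject>'
            '<Conditions><AudienceRestriction><Audience>{aud}</Audience>'
            '</AudienceRestriction></Conditions><AttributeStatement>{attrs}'
            '</AttributeStatement></Assertion></samlp:Response>')

def build_sample(name_id, claims, aud=ENTITY_ID, acs=ACS_URL):
    attrs = "".join(f'<Attribute Name="{CLAIMS}{k}"><AttributeValue>{v}'
                    '</AttributeValue></Attribute>' for k, v in claims.items())
    xml = TEMPLATE.format(name_id=name_id, acs=acs, aud=aud, attrs=attrs)
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    claims = {"givenname": "Alice", "surname": "Ng", "name": "alice@example.com"}
    print(check_response(build_sample("alice@example.com", claims),
                         ENTITY_ID, ACS_URL, {"example.com"}))
```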

If you have already configured SAML, see How you can rotate SAML Certificate in Zluri?