[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-07 UTC."],[[["\u003cp\u003eThis guide provides instructions for configuring SAML authentication between Microsoft Azure and the standalone Google Security Operations SOAR platform.\u003c/p\u003e\n"],["\u003cp\u003eBefore starting, you must have an existing SAML account set up in Azure and familiarize yourself with creating/assigning user accounts, creating apps, and configuring SAML providers in Azure.\u003c/p\u003e\n"],["\u003cp\u003eConfiguration within the Azure portal involves setting the Identifier, Reply URL, and Sign on URL within the Basic SAML Configuration section.\u003c/p\u003e\n"],["\u003cp\u003eThe process in the Google SecOps SOAR platform requires creating a custom SAML provider and populating fields with information from the Azure portal, including the IDP Metadata, Identifier, and ACS URL.\u003c/p\u003e\n"],["\u003cp\u003eThe table provided shows the mapping of the field names used between Google SecOps SOAR and Microsoft Azure to make it easier to follow the instructions.\u003c/p\u003e\n"]]],[],null,["# SAML configuration for Microsoft Azure\n======================================\n\nSupported in: \n[SOAR](/chronicle/docs/secops/google-secops-soar-toc)\n\n\u003cbr /\u003e\n\n| **Note:** This document is for customers using the standalone SOAR platform only.\n\n\u003cbr /\u003e\n\nBefore you begin\n----------------\n\nEnsure the SAML account is set up in Azure before referencing the following documents:\n\n- [Create and assign a user account in Azure Active Directory](https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/add-application-portal-assign-users)\n- [How to create an app in Azure](https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/add-application-portal)\n- [How to configure the SAML provider in Azure](https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/view-applications-portal)\n\nNote: Keep the Azure portal open in a separate browser window. You'll need to copy and paste the information from it into the Google Security Operations SOAR platform.\n\nConfigure information in the Microsoft Azure portal\n---------------------------------------------------\n\n1. Sign in to the Azure portal.\n2. Navigate to **Enterprise Applications**.\n3. Locate your company's SAML sign-on app.\n4. In the left sidebar, select **Single Sign-on**.\n5. In Section 1, **Basic SAML Configuration** , configure the following fields and save the changes:\n 1. **Identifier (Entity ID)** : `https://platform_Address/Saml2/`\n 2. **Reply URL (Assertion Consumer Service URL)** : `https://platform_Address/Saml2/ACS`\n 3. **Sign on URL** : `https://platform_Address/Saml2/`\n\n[](/static/chronicle/images/soar/samlazure.png).\n\nConfigure Azure in\nGoogle SecOps SOAR\n-------------------------------------\n\n1. Go to **Settings \\\u003e Advanced \\\u003e External\n Authentication**.\n2. Create a new SAML provider.\n3. In the **Provider Type** menu, select **Custom SAML Provider**.\n4. Enter a provider name. For example, `mycompany_Azure`.\n\nThe other fields are filled using information from the Azure portal as\nfollows:\n**IDP Metadata**\n\n1. Return to the Azure portal.\n2. In the **SAML Certificates** section, locate the **Federation Metadata XML** field.\n3. Click **Download** and save the XML file.\n4. Return to the Google Security Operations platform.\n5. In the **IDP Metadata** field, upload the XML file you just got from the Azure platform.\n\n**Identifier**\n\n1. Return to the Azure portal.\n2. In the **Set up \\\\** section, locate the **Microsoft Entra Identifier** field.\n3. Copy the data in the field.\n4. Return to the Google SecOps platform.\n5. Paste the value into the **Identifier** field.\n\n**ACS URL**\n\n1. Return to the Azure portal.\n2. In the **Basic SAML Configuration** section, locate the **Sign On URL** field.\n3. Copy the data in the field.\n4. Return to the Google SecOps platform.\n5. Paste the value into the **ACS URL** field.\n\nLegend\n------\n\nFor more information, see [External Authentication.](/chronicle/docs/soar/admin-tasks/saml-soar-only/external-authentication)\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]
