Configure SAML for Microsoft Azure

Supported in:

This document explains how to configure SAML for Microsoft Azure to use with the standalone Google Security Operations SOAR platform.

Before you begin

Confirm that you've set up a SAML account in Microsoft Azure by completing the instructions in the following Quickstart guides:

Configure SAML in Microsoft Azure

To configure SAML in Microsoft Azure, follow these steps:

  1. Sign in to the Azure portal.
  2. Go to Enterprise Applications.
  3. Locate your company's SAML sign-on app.
  4. In the sidebar, select Single Sign-on.
  5. Basic SAML Configuration, configure the following fields and save your changes:
    1. Identifier (Entity ID): https://platform_Address/Saml2/
    2. Reply URL (Assertion Consumer Service URL): https://platform_Address/Saml2/ACS
    3. Sign on URL: https://platform_Address/Saml2/

Configure Azure in Google SecOps SOAR

  1. Go to Settings > Advanced > External Authentication.
  2. Create a new SAML provider.
  3. In the Provider Type menu, select Custom SAML Provider.
  4. Enter a provider name. For example, mycompany_Azure.

Complete the following fields using information from the Azure portal:

IDP Metadata
  1. Return to the Azure portal.
  2. In SAML Certificates, go to the Federation Metadata XML field.
  3. Click Download and save the Federation Metadata XML file.
  4. Return to the Google SecOps SOAR platform.
  5. In the IDP Metadata field, upload the Federation Metadata XML file to the IDP Metadata field.
Identifier
  1. Return to the Azure portal.
  2. Go to Set up \ and click the Microsoft Entra Identifier field.
  3. Copy the data from the Microsoft Entra Identifier field.
  4. Return to the Google SecOps SOAR platform.
  5. Paste the value into the Identifier field.
ACS URL
  1. Return to the Azure portal.
  2. Go to Basic SAML Configuration > the Sign On URL field.
  3. Copy the data from the Azure Sign On URL field.
  4. Return to the Google SecOps SOAR platform.
  5. Paste the value into the ACS URL field.

Field mapping

Google SecOps SOAR field Microsoft Azure field
IDP Metadata Federation Metadata XML
Identifier Microsoft Entra Identifier
ACS URL Sign on URL

For more information, see Authenticate users using SSO.

Need more help? Get answers from Community members and Google SecOps professionals.