SAML configuration for Microsoft Azure

Prerequisites

Make sure to set up the SAML account in Azure beforehand using the following documents as reference.

Configure information in the Microsoft Azure portal

  1. Sign in to the Azure portal.
  2. Navigate to Enterprise Applications.
  3. Locate your company's SAML sign-on app.
  4. In the left sidebar, select Single Sign-on.
  5. In Section 1, Basic SAML Configuration, configure the following fields and save the changes:
    1. Identifier (Entity ID): https://platform_Address/Saml2/
    2. Reply URL (Assertion Consumer Service URL): https://platform_Address/Saml2/ACS
    3. Sign on URL: https://platform_Address/Saml2/

Keep the Azure portal open in a separate browser window because you will need to copy and paste information from the Azure portal to the Google Security Operations SOAR platform.

Configure Azure in Google Security Operations SOAR

  1. Navigate to Settings > Advanced > External Authentication.
  2. Create a new SAML provider.
  3. In the Provider Type menu, select Custom SAML Provider.
  4. Enter a provider name. This can be any name you want. For example, mycompany_Azure.

The other fields are filled using information from the Azure portal as follows:

IDP Metadata
  1. Return to the Azure portal.
  2. In the SAML Certificates section, locate the Federation Metadata XML field.
  3. Click Download and save the XML file.
  4. Return to the Google Security Operations platform.
  5. In the IDP Metadata field, upload the XML file you just got from the Azure platform.
Identifier
  1. Return to the Azure portal.
  2. In the Set up section, locate the Microsoft Entra Identifier field.
  3. Copy the data in the field.
  4. Return to the Google Security Operations platform.
  5. Paste the value into the Identifier field.
ACS URL
  1. Return to the Azure portal.
  2. In the Basic SAML Configuration section, locate the Sign On URL field.
  3. Copy the data in the field.
  4. Return to the Google Security Operations platform.
  5. Paste the value into the ACS URL field.
Provider Public Certificate
  1. Return to the Azure portal.
  2. In the SAML Certificates section, locate the Certificate (Base64) field.
  3. Click Download and save the certificate somewhere accessible.
  4. Return to the Google Security Operations platform.
  5. In the Provider Public Certificate field, upload the certificate you just got from the Azure platform.

Legend

Field Name in Google Security Operations SOAR | Field Name in Microsoft Azure
IDP Metadata                                  | Federation Metadata XML
Identifier                                    | Microsoft Entra Identifier
ACS URL                                       | Sign on URL
Provider Public Certificate                   | Certificate (Base64)
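
Before uploading, it helps to confirm that the values taken from the Azure portal describe the same identity provider. The following is an added example (not part of the original documentation or of either product) that checks that the Identifier equals the entityID in the Federation Metadata XML and that the Certificate (Base64) file is one of the signing certificates in that metadata. It assumes the certificate file is Base64 text with optional PEM armor; the function names, the placeholder tenant ID and the certificate bytes are constructed for illustration.

```python
import base64
import hashlib
import re
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
SIGNING_CERTS = ("md:IDPSSODescriptor/md:KeyDescriptor[@use='signing']"
                 "/ds:KeyInfo/ds:X509Data/ds:X509Certificate")

def cert_fingerprint(b64_text):
    """SHA-256 of the DER bytes behind Base64 text, with or without PEM armor."""
    body = re.sub(r"-----(BEGIN|END) CERTIFICATE-----", "", b64_text)
    return hashlib.sha256(base64.b64decode("".join(body.split()), validate=True)).hexdigest()

def check_idp_files(metadata_xml, cert_file_text, identifier):
    """Return a list of mismatches; an empty list means the inputs agree."""
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        return ["metadata declares a DTD; not parsing it"]
    root = ET.fromstring(metadata_xml)
    problems = []
    if root.get("entityID") != identifier:  # exact match, trailing slash included
        problems.append("Identifier differs from metadata entityID")
    in_metadata = {cert_fingerprint(e.text or "") for e in root.findall(SIGNING_CERTS, NS)}
    if not in_metadata:
        problems.append("metadata has no IdP signing certificate")
    elif cert_fingerprint(cert_file_text) not in in_metadata:
        problems.append("certificate file is not a signing certificate in the metadata")
    return problems

# Constructed sample data: placeholder tenant ID, and bytes that are not a real certificate.
SAMPLE_ID = "https://sts.windows.net/00000000-0000-0000-0000-000000000000/"
SAMPLE_B64 = base64.b64encode(b"constructed sample, not a real certificate").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="{SAMPLE_ID}">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data>
        <X509Certificate>{SAMPLE_B64}</X509Certificate>
      </X509Data></KeyInfo>
    </KeyDescriptor>
  </IDPSSODescriptor>
</EntityDescriptor>"""
SAMPLE_CERT_FILE = f"-----BEGIN CERTIFICATE-----\n{SAMPLE_B64}\n-----END CERTIFICATE-----\n"

if __name__ == "__main__":
    for line in check_idp_files(SAMPLE_METADATA, SAMPLE_CERT_FILE, SAMPLE_ID) or ["all values agree"]:
        print(line)
```

To run it against real downloads, read the two files as text and pass their contents together with the copied Identifier value to check_idp_files.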