Microsoft Entra ID (Formerly Microsoft Azure Active Directory) and SAML Authentication Setup

Complete the following steps to successfully set up your Entra ID and SAML (Security Assertion Markup Language) authentication.

 

See the Troubleshooting section if you experience errors during your setup.

 

---

Microsoft Entra ID Setup

1. Navigate to and log into your Asset Panda account.

    

2. Open a second tab, and then navigate and log into the Microsoft Entra ID admin center: https://entra.microsoft.com/#home.

    

   NOTE: You must have an administrative account to complete these setups.

    

3. From the navigation bar on the left of the window under Identity, select Applications, then App registrations. 

    

   

    

4. Select New registration.

    

   

    

5. Fill in the fields and selections:

    

   • Name

      

   • Supported account types

      

   • Redirect URI (optional)

      

   Then select Register at the bottom right.

    

   

    

   The application and service principal are created.

    

---

SAML Authentication Setup

1. In the left navigation bar, under Applications, select Enterprise registrations. 

    

   

    

2. Choose your application from the list.

    

3. Select Assign users and groups.

    

   

    

   NOTE: Users and groups must be added so they can be added to SSO.

    

4. Select Add user/group.

    

   

    

5. On the Users and groups page, select Users or Groups, depending on your needs.

    

   NOTE: You can add either Users, Groups, or both.

    

6. Select the user(s) or group(s) you wish to assign, and then click Select.

    

7. Select Assign.

    

   

    

   You are returned to the Users and groups page.

    

---

Enable Single Sign-on with SAML

1. Sign in to Microsoft Entra Admin Center as a Cloud Application Administrator or a higher privileged role with the ability to manage application proxy.

    

   For more on privileged roles, see Microsoft Entra built-in roles

    

2. In the left navigation bar, select Identity, then Applications, next Enterprise applications.

    

3. Select your application.

    

4. In the left navigation menu under Manage, select Single sign-on.

    

5. Select SAML to open the SSO configuration page.

    

   

    

6. The process of configuring an application to use Microsoft Entra ID for SAML-based SSO varies depending on the application. For any of the enterprise applications in the gallery, use the configuration guide link to find information about the steps needed to configure the application. The steps for the Microsoft Entra SAML Toolkit 1 are listed in this article.

    

7. In the Set up Microsoft Entra SAML Toolkit 1 section, record the values of the Login URL, Microsoft Entra Identifier, and Logout URL properties to be used later.

    

---

Configuration

To configure authentication:

 

1. Navigate to App registrations.

    

2. Choose your application.

    

3. Select Authentication from the Manage navigation bar.

    

See Troubleshooting below if you experience errors during your setup.

 

---

Troubleshooting

Complete the troubleshooting steps below if you encounter any of the following:

 

• Test failure - Review all steps above to make sure all links and settings match exactly and were saved correctly.

   

• Too many redirects - If you receive this error while accessing your SSO login page, check the SSO URL within the Asset Panda SSO configuration to confirm that it is correct.

   

• User must be assigned a role or needs permission - Use the Microsoft Entra ID troubleshooting documentation for further assistance with this issue Quickstart: Create and assign a user account.

   

---

See also

Microsoft Entra ID

Microsoft Entra ID Setup Guide