Configure SAML app multi-instancing for an application in Azure Active Directory   

testuser7 271 Reputation points
2022-09-26T16:42:30.95+00:00

Hello,

Admins can now configure multiple instances of the same application within an Azure AD tenant.
https://learn.microsoft.com/en-us/azure/active-directory/develop/reference-app-multi-instancing
For example, now we can have multiple instances of Box, and we can have a separate service principal to handle instance-specific claims mapping.

But I am not sure how I can make this possible.

I believe I am going to onboard only a single BOX app from the enterprise gallery.
OR
Will I be on-boarding the BOX app from the gallery as many times as the number of logical instances in the BOX SaaS app?

When I configure SAML-based SSO on this BOX app, I have to select a unique entity-id.
I cannot repeat the same entity-id if I have on-boarded BOX more than one time.

Now when BOX app code redirects the user to my tenant by https://login.microsoftonline.com/<tenantid>/saml2/<issuer>
I can provide a GUID of Service-principal in <issuer>

Where is this service-principal coming from?
Can you help me understand how this is possible?

Thanks.

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

1 answer

  1. testuser7 271 Reputation points
    2022-09-29T20:39:15.79+00:00

    Thanks @Sandeep G-MSFT. Will wait for your update.