Azure Active Directory - SAML config upload

Kyle Barr 11 Reputation points
2021-09-01T01:25:28.387+00:00

When adding a new Enterprise Application to Azure AD, you can select SAML for Single Sign-on. You can then upload an XML metadata file containing the basic configuration settings. So far I've gotten this to mostly work.

However, an Enterprise Application that we develop requires a DefaultRelay value. We'd like to provide clients with a simple config file they can upload when configuring our app for Azure AD SSO. Is there a way to configure an application's Relay Value via an uploaded XML file?

From my understanding, there are two types of SAML config files. One sets all the basic settings, and uses EntityDescriptor as its root element. The other allows you to set a whole bunch of additional attributes, and uses EntityConfig as its root. Azure AD worked perfectly fine with the first config, but I can't find a place to put the DefaultRelay in that config. And I'm not sure if the second config is supported by Azure AD.

Any tips to get this to work? Or do we need to instruct our clients to manually configure the DefaultRelay value?

Thanks.

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
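
As an added example (not part of the original question and not Microsoft's code), this Python script parses a constructed `EntityDescriptor` service-provider metadata file and lists the settings such a file carries. The entity ID and URLs are hypothetical; the SAML 2.0 metadata schema defines no element for a default relay state, so `relay_fields` is empty for the sample, and the script says nothing about which files Azure AD accepts.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
NS = {"md": MD}

# Constructed SP metadata; entityID and URLs are hypothetical placeholders.
SAMPLE_METADATA = """\
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
                     entityID="https://app.example.com/saml/sp">
  <md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleLogoutService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://app.example.com/saml/slo"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
    <md:AssertionConsumerService index="0" isDefault="true"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://app.example.com/saml/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def summarize_sp_metadata(xml_text):
    """Return the settings a standard SP metadata document carries."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{MD}}}EntityDescriptor":
        raise ValueError(f"unexpected root element: {root.tag}")
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        raise ValueError("no SPSSODescriptor: not service-provider metadata")
    # (index, binding short name, URL) for each assertion consumer endpoint.
    acs = [(e.get("index"), e.get("Binding").rsplit(":", 1)[-1], e.get("Location"))
           for e in sp.findall("md:AssertionConsumerService", NS)]
    # Scan every element and attribute name for anything relay-related.
    relay_hits = [name for el in root.iter()
                  for name in [el.tag, *el.attrib] if "relay" in name.lower()]
    return {
        "entity_id": root.get("entityID"),
        "acs": acs,
        "slo": [e.get("Location") for e in sp.findall("md:SingleLogoutService", NS)],
        "name_id_formats": [e.text.strip() for e in sp.findall("md:NameIDFormat", NS)],
        "want_assertions_signed": sp.get("WantAssertionsSigned") == "true",
        "relay_fields": relay_hits,
    }


if __name__ == "__main__":
    for key, value in summarize_sp_metadata(SAMPLE_METADATA).items():
        print(f"{key}: {value}")
```

For metadata received from an untrusted source, parse it with a hardened XML parser such as `defusedxml` rather than the standard library.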