How do I configure Azure AD SSO with SAML for a non-gallery application (custom website)?

Michael Sullivan 36 Reputation points
2023-01-11T18:29:47.3266667+00:00

I have gone through this tutorial for setting up Azure AD SSO with SAML for the Azure AD SAML Toolkit application.
https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/saml-toolkit-tutorial

When managing that app and selecting "Single sign-on" I have the option of selecting different methods, including SAML. However, for the enterprise application that I have created for SSO on my custom website, when clicking that section under Manage, it does not give me options and just says "This application uses OpenID Connect and OAuth." I noticed that it also says "OIDC-based Sign-on (Preview)." Is it possible for me to set up with SAML like in the tutorial? Do I need to upgrade my account/subscription to have other options?
I am trying to set up Azure AD SSO with SAML for several enterprise clients who would like their employees to log in to our site using their existing Azure AD tenants. What am I missing?

Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

  1. Shweta Mathur 30,296 Reputation points Microsoft Employee Moderator
    2023-01-12T06:34:08.6066667+00:00

    Hi @Michael Sullivan ,

    Thanks for reaching out.

    I understand you are trying to integrate Azure AD SSO with SAML for an enterprise application but are not able to see SAML-based sign-on for your custom applications.

    The process of configuring an application to use Azure AD for Single Sign On varies depending on the application.

    There are a number of ways to choose applications, either from the gallery or from non-gallery.

    The Azure Active Directory (Azure AD) application gallery has SaaS applications that have been pre-integrated with Azure AD. There are thousands of applications that make it easy to deploy and configure SSO and automated user provisioning.

    There are many applications which are still not in the gallery, and Azure AD allows you to create your own application or integrate any other application which is not part of the gallery to make a SAML-based application.

    Some applications in enterprise applications, e.g. Smartsheet or any other application which you developed and try to integrate with AD, allow you to use only the OIDC standard for SSO. Those applications won't allow you to configure SSO with SAML.

    Only those applications which support SAML-based SSO allow you to switch from OIDC to SAML by choosing "Change single sign-on mode".

    Also, this article will help you to choose which SSO is required based on your application.

    Hope this will help. If you have any other question, please let us know.

    Thanks,

    Shweta


    Please remember to "Accept Answer" if the answer helped you.

