SSO configuration for a multi tenant setup, but the SAAS tool supports only one IDP at a time

Question

SSO configuration for a multi tenant setup, but the SAAS tool supports only one IDP at a time

M, Akhil 20

I am trying to setup SSO for a third party SAAS application, as per the existing setup we have a two tenant architecture, one tenant for prod and one tenant for non prod. But the problem is third party SAAS application only supports one IDP at a time. What are the possible options available for me to setup SSO in this scenario? eg. b2b, cross tenant sync, entitlement etc and which would be the best option given the number of users would be between 10-20.

Accepted answer

0 additional answers

Your answer

Answer 1

Harshitha Eligeti 4,380 Microsoft External Staff Moderator

Hi @M, Akhil
Thank you for sharing your issue on Microsoft Q&A.

I Understand that you want to set up SSO with 10–20 users for both prod and non-prod tenants. Given the restriction of supporting a single IdP, using Microsoft Entra ID together with B2B Collaboration is the best way to integrate SSO with a third-party SaaS application in a multi-tenant architecture in this scenario. This method is especially useful for small user bases because it provides administrators and users with a simplified experience.

If you have any further questions or need additional assistance, please let us know. We're here to help!

Best regards,
Harshitha Eligeti.

Harshitha Eligeti 4,380 Reputation points Microsoft External Staff Moderator

2024-09-30T11:03:58.3133333+00:00

Hi @M, Akhil
Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
M, Akhil 20 Reputation points

2024-09-30T11:25:15.34+00:00

Can we use a multi tenant application in the above scenario? if not why? If the SAAS application supports only a single IDP, would Multi Tenant application would run into issues?
Harshitha Eligeti 4,380 Reputation points Microsoft External Staff Moderator

2024-10-01T19:21:45.6+00:00

Hi @ M, Akhil
Yes, Applications will support multiple tenants, but you need to ensure that you send requests to the endpoint login.microsoft.com/common. If you do not send the request to this endpoint, it will not support multitenant users. Additionally, the application you created should be set to the multitenant type.

For additional information refer this link: https://learn.microsoft.com/en-us/entra/identity-platform/howto-convert-app-to-be-multi-tenant

If you have any further questions or need additional assistance, please let us know. We're here to help!

Best regards,
Harshitha Eligeti.
Harshitha Eligeti 4,380 Reputation points Microsoft External Staff Moderator

2024-10-03T09:43:44.1666667+00:00

Hi @M, Akhil
Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
M, Akhil 20 Reputation points

2024-10-03T09:48:13.3766667+00:00

The answer was useful. Thanks.
Harshitha Eligeti 4,380 Reputation points Microsoft External Staff Moderator

2024-10-03T15:22:14.16+00:00

Hi @M, Akhil
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Share via

SSO configuration for a multi tenant setup, but the SAAS tool supports only one IDP at a time

0 additional answers

Your answer