Share via

Microsoft Entra Identifier (Entity ID) Issues with Service Provider

Mitch Silberstein 40 Reputation points
2025-02-28T18:00:38.06+00:00

We are migrating from Okta to Entra. In our environment, we have two GoAnywhere applications. One for users and one for admins. This is not uncommon to have multiple app instances within one Service Provider (SP). In the federation metadata XML, we can see the entity ID, also called the Microsoft Entra Identifier (see image below) is sent over to the SP.

The issue is the SP, GoAnywhere, does not support having two applications with the same Entity ID. The SP entity IDs are different, but the IdP entity IDs are the same value. The Microsoft Entra Identifier is always just in the format "https://sts.windows.net/[TENANTID]". 

Is the Microsoft Entra Identifier/IdP Entity ID something that can be changed? In Okta the IdP Identifier is always different.

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments
Accepted answer
  1. Andy David - MVP 157.8K Reputation points MVP Volunteer Moderator
    2025-02-28T20:50:50.0033333+00:00

    You can't but it looks like someone has come up with a solution:

    https://pro2col.com/blog/using-azure-ad-saml-for-both-users-and-admins

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.