DanGaita-2397 asked DanGaita-2397 commented

Programmatically create Azure AD SAML SSO certificate

Hello,

We are trying to automate the registration, provisioning and SAML SSO settings for some 200+ AWS Single account access apps.

We would like to use Azure's own certificates for SAML SSO, but there seems to be no PowerShell / MS Graph way to make Azure create a new certificate. This feature is available in the Azure portal but does not seem to be exposed through PowerShell / Graph.

Does anyone know if there is any way to work with this feature?


azure-ad-saml-sso

1 Answer

sikumars answered DanGaita-2397 commented

@DanGaita-2397,

Thanks for reaching out.

The feature for Azure's own SAML SSO certificates is not available outside of the GUI. Alternatively, you can use the Graph API to assign a custom certificate to the application, which is similar to the import feature in the portal.


More Details:
https://docs.microsoft.com/en-us/graph/application-saml-sso-configure-api#step-4-configure-a-signing-certificate


Regards,
Siva Kumar Selvaraj


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.




Thanks for answering! I thought as much.

I managed to get the same functionality by using Azure Key Vault and generating a certificate there, then retrieving it and pushing it through MS Graph with PowerShell.

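The workflow described in the comment above (generate a certificate in Key Vault, retrieve it, push it through Microsoft Graph with PowerShell), as an added example that is not the commenter's script or Microsoft's sample. The vault, certificate and service principal values are placeholders, and the request shape and `customKeyIdentifier` derivation are assumed from the Graph documentation linked in the answer.

```powershell
# Added example. Placeholder values are assumptions, not values from the thread.
# Needs Az.KeyVault and Microsoft.Graph.Authentication; run Connect-AzAccount and Connect-MgGraph first.
$vault = '<key-vault-name>'; $name = '<certificate-name>'; $spId = '<service-principal-object-id>'

# 1. Key Vault generates a self-signed certificate with an exportable private key.
$policy = New-AzKeyVaultCertificatePolicy -SubjectName "CN=$name" -IssuerName Self `
    -ValidityInMonths 12 -SecretContentType 'application/x-pkcs12'
Add-AzKeyVaultCertificate -VaultName $vault -Name $name -CertificatePolicy $policy | Out-Null
do { Start-Sleep -Seconds 2
     $op = Get-AzKeyVaultCertificateOperation -VaultName $vault -Name $name
} while ($op.Status -eq 'inProgress')
if ($op.Status -ne 'completed') { throw "Certificate creation ended as '$($op.Status)'" }

# 2. Retrieve the PFX; Key Vault returns it as a base64 secret with an empty password.
$pfxB64 = Get-AzKeyVaultSecret -VaultName $vault -Name $name -AsPlainText
$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new(
    [Convert]::FromBase64String($pfxB64), '',
    [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::Exportable)

# 3. Re-export under a random password; Graph receives the PFX and its password together.
$rand = [byte[]]::new(24)
[System.Security.Cryptography.RandomNumberGenerator]::Create().GetBytes($rand)
$pfxPassword = [Convert]::ToBase64String($rand)
$ct = [System.Security.Cryptography.X509Certificates.X509ContentType]
$signKey = [Convert]::ToBase64String($cert.Export($ct::Pfx, $pfxPassword))
$verifyKey = [Convert]::ToBase64String($cert.Export($ct::Cert))

# 4. Build the body. Assumption: customKeyIdentifier is base64(SHA-256(thumbprint)),
#    as in the linked documentation's sample.
$sha = [System.Security.Cryptography.SHA256]::Create()
$cki = [Convert]::ToBase64String($sha.ComputeHash([Text.Encoding]::ASCII.GetBytes($cert.Thumbprint)))
$common = @{ customKeyIdentifier = $cki
             startDateTime = $cert.NotBefore.ToUniversalTime().ToString('s') + 'Z'
             endDateTime   = $cert.NotAfter.ToUniversalTime().ToString('s') + 'Z' }
$signId = [guid]::NewGuid().ToString()
$body = @{
    keyCredentials = @(
        ($common + @{ keyId = $signId; type = 'X509CertAndPassword'; usage = 'Sign'
                      key = $signKey; displayName = $cert.Subject }),
        ($common + @{ keyId = [guid]::NewGuid().ToString(); type = 'AsymmetricX509Cert'
                      usage = 'Verify'; key = $verifyKey; displayName = $cert.Subject }))
    passwordCredentials = @($common + @{ keyId = $signId; secretText = $pfxPassword })
} | ConvertTo-Json -Depth 5

# 5. Push the certificate, then make it the active SAML signing certificate.
$uri = "https://graph.microsoft.com/v1.0/servicePrincipals/$spId"
Invoke-MgGraphRequest -Method PATCH -Uri $uri -Body $body -ContentType 'application/json'
Invoke-MgGraphRequest -Method PATCH -Uri $uri -ContentType 'application/json' `
    -Body (@{ preferredTokenSigningKeyThumbprint = $cert.Thumbprint } | ConvertTo-Json)
```

The first PATCH replaces the service principal's whole `keyCredentials` collection, so read and merge existing entries first if the application already has certificates. The exported PFX and its password exist in memory in plain text during the run, so execute this on a trusted automation host and keep Key Vault access policies tight.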