Azure SSO with Internal CA

Ryan Campbell 1 Reputation point
2022-01-27T14:45:31.207+00:00

We have an internal application that we want to use Azure SSO for. The application is not accessible from the Internet, and I would need to set up an internal Certificate Authority to get SSL on it so that Azure can use SAML. Is it possible to use Azure for SSO with an internal application using an internal CA?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,433 questions
{count} votes

1 answer

Sort by: Most helpful
  1. James Hamil 21,546 Reputation points Microsoft Employee
    2022-02-01T22:42:00.87+00:00

    Hi @Ryan Campbell , I believe there's a minimum level of internet access required so that the network can reach the SAML authentication services. I believe the firewall needs to be open to everything in category 56: https://learn.microsoft.com/en-ca/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide#microsoft-365-common-and-office-online

    Please let me know if you have any questions!

    If this answer helped you please mark it as "Verified" so other users can reference it.

    Thank you,
    James

    0 comments No comments