Configuring SAML with Microsoft Azure

Good Grants can be configured for single sign-on using Microsoft Azure and SAML. This allows users in your Microsoft Azure environment to log in without creating separate Good Grants credentials.

Configure SAML in Microsoft Azure

  1. Log in to the Microsoft Azure portal
  2. Go to All services and select Microsoft Entra ID
  3. Open the Add menu and choose Enterprise application
  4. Click Create your own application
  5. Enter an application name
  6. Click Create
  7. Select Set up single sign-on
  8. Choose SAML
  9. In Basic SAML Configuration, set the following values replacing "your_Good_Grants_account_domain" with your program's URL:
    • Identifier (Entity ID): https://your_Good_Grants_account_domain/saml/metadata
    • Reply URL (Assertion Consumer Service URL): https://your_Good_Grants_account_domain/saml/callback
  10. Configure the firstName, lastName, and email in the 'Attributes & Claims' section
  11. Set Name identifier format to Persistent
  12. Remove any values from the Namespace field in Additional claims

Enable SAML in Good Grants

  1. In the Manage workspace, go to Settings > Users > Registration
  2. Under '3rd party authentication', select SAML
  3. Copy the Azure AD Identifier from Microsoft Azure and paste it into Issuer
  4. Copy the Login URL from Microsoft Azure and paste it into Single sign-on service URL
  5. Download the certificate from Microsoft Azure
  6. Copy and paste the certificate text into the X.509 certificate field
  7. Click Save

Accessing SAML login

A SAML login button will now appear on your program home page. Users logged into Microsoft Azure can select this button to sign in automatically.

You can also link directly to: https://your_Good_Grants_account_domain/saml/login

Good to know

  • Assertion encryption is optional.
  • Some identity providers require a public certificate or private key.
  • SAML users do not need to register separately in Good Grants.
  • SAML configuration applies to login only, not role assignment.
Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more