To add Microsoft Entra (Azure AD) as a SAML 2.0 external integration, you must first register an app in Microsoft Entra (Azure AD) to enable trust with the service provider (Conga Auth Service). After creating an app, you need the Tenant ID, Metadata Location URL, and Organization ID Claim Type details.

To register an app in Microsoft Entra (Azure AD)

  1. Log in to portal.azure.com.
  2. Select Microsoft Entra ID and go to Enterprise Applications.
  3. Click New Application, then click the Create your own application option.
  4. Enter the app name.
  5. Select the Integrate any other application you don't find in the gallery (Non-gallery) option.
  6. Click Create.
  7. Select the registered app.
  8. Go to Single Sign-on and select SAML.
  9. Click Upload metadata file and select the service provider metadata file. Use the following URL per your environment to download the service provider metadata file.
  10. After you upload the metadata file, the Basic SAML Configuration screen appears with all metadata settings auto-filled.
  11. Click Save.
  12. Click Done.

To get the Tenant ID, Metadata Location URL, and Organization ID Claim Type details

  1. Log in to portal.azure.com.
  2. Select Microsoft Entra ID and go to Enterprise Applications.
  3. Select the registered app.
  4. Go to Single Sign-on and select SAML 2.0.
  5. Under the SAML Certificate option, use the App Federation Metadata Url as the Metadata Location URL.
  6. Open the App Federation Metadata Url in any web browser.
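
The metadata document behind the App Federation Metadata Url can also be read with a script instead of by eye. The following is an added example, not Conga or Microsoft code: it parses a constructed sample and assumes the Entra layout in which the `entityID` is `https://sts.windows.net/<tenant-id>/` and the claim types are listed under `ClaimTypesOffered`; the helper name `read_federation_metadata` and the sample GUID are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "fed": "http://docs.oasis-open.org/wsfed/federation/200706",
      "auth": "http://docs.oasis-open.org/wsfed/authorization/200706"}
GUID = r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}"
# Assumption: the issuer has the form https://sts.windows.net/<tenant-id>/
ISSUER_RE = re.compile(r"^https://sts\.windows\.net/(" + GUID + r")/$")

# Constructed sample, trimmed to the elements read below; the GUID is a placeholder.
SAMPLE_METADATA = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706"
    xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706"
    entityID="https://sts.windows.net/00000000-1111-2222-3333-444444444444/">
  <RoleDescriptor protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706">
    <fed:ClaimTypesOffered>
      <auth:ClaimType Uri="http://schemas.microsoft.com/identity/claims/tenantid">
        <auth:DisplayName>Tenant ID</auth:DisplayName>
      </auth:ClaimType>
      <auth:ClaimType Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
        <auth:DisplayName>Email</auth:DisplayName>
      </auth:ClaimType>
    </fed:ClaimTypesOffered>
  </RoleDescriptor>
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://login.microsoftonline.com/00000000-1111-2222-3333-444444444444/saml2"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""

def read_federation_metadata(xml_text):
    """Hypothetical helper: pull tenant ID and offered claim types from metadata XML."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        raise ValueError("not a SAML 2.0 metadata document")
    issuer = ISSUER_RE.match(root.get("entityID", ""))
    if issuer is None:
        raise ValueError("entityID is not an Entra issuer URL")
    tenant_id = issuer.group(1).lower()
    claims = {c.get("Uri"): c.findtext("auth:DisplayName", "", NS)
              for c in root.iterfind(".//fed:ClaimTypesOffered/auth:ClaimType", NS)}
    sso = [s.get("Location", "") for s in
           root.iterfind("md:IDPSSODescriptor/md:SingleSignOnService", NS)]
    # Every sign-on endpoint should belong to the tenant named in the issuer.
    same_tenant = bool(sso) and all(f"/{tenant_id}/" in u.lower() for u in sso)
    return {"tenant_id": tenant_id, "claim_types": claims,
            "sso_locations": sso, "sso_matches_tenant": same_tenant}

if __name__ == "__main__":
    for key, value in read_federation_metadata(SAMPLE_METADATA).items():
        print(key, "=", value)
```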