Skip to content

SAML MS Entra ID Configuration

Overview

This tutorial will walk you through the steps required to set up Faction with your Microsoft Entra ID Single Sign On using SAML

Configuring Entra ID in Azure

  1. Open the Azure Console and navigate to "Entra Id"
  2. Navigate to Enterprise Applications:
  3. Click "New Application"
  4. Click "Create your own application."
  5. Enter a name (i.e Faction SAML) and select "Integrate any other application you don't find in the gallery (Non-gallery)" radio button.
  6. Click Manage->"Single Sign On", then select SAML
  7. Click 'Edit' under "Basic SAML Configuration"
  8. Under Identifier (Entity ID) enter the following URLs:
  9. https://yourfactionurl.com/saml2/callback?client_name=SAMLClient
  10. https://yourfactionurl.com/saml2/callback
  11. Under "Reply URL (Assertion Consumer Service URL)" add the following reply url:
  12. https://yourfactionurl.com/saml2/callback?client_name=SAMLClient
  13. https://yourfactionurl.com/saml2/callback
  14. If your config looks like the image below, then click 'Save'
  15. Now navigate to "Single Sign On" and copy the "App Federation Metadata Url". This will be used in the next section.

Finish Configuration in FACTION

With the Federation URL copied, you are now ready to finish the configuration on the Faction side. 1. Log in to Faction as an admin 2. Navigate to Administration->Users 3. Scroll to the bottom and enter the URL we copied from step 11 above into "App Federation Metadata Url" input box. 4. Click Save

Configure a User for SAML Authentication

  1. Log in to Faction as admin
  2. Navigate to Administration->Users
  3. Click Add User
  4. Set the following parameters:
  5. Set username to the first part of the email address.
  6. Enter the first and last name of the user
  7. Leave the password blank
  8. Set the email address. It MUST match the email address of the user managed in Entra ID
  9. Set the "Authentication Method" to SAML2
  10. Click Save

Login with SAML

SAML users only need to enter their username and submit login. Faction will automatically redirect the user to SSO login form.