From 427709620a0bedff1bfd1d8fcba5ab9b67064e97 Mon Sep 17 00:00:00 2001 From: "gabriel.alves" Date: Tue, 28 Oct 2025 14:15:58 -0300 Subject: [PATCH] Fix-documentacao_produtos_guias_sso-microsoft-entra-saml-EN --- .../pages/guides/idp/saml-microsoft-entra.mdx | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/src/content/docs/en/pages/guides/idp/saml-microsoft-entra.mdx b/src/content/docs/en/pages/guides/idp/saml-microsoft-entra.mdx index f90a69deec..c195ff2275 100644 --- a/src/content/docs/en/pages/guides/idp/saml-microsoft-entra.mdx +++ b/src/content/docs/en/pages/guides/idp/saml-microsoft-entra.mdx @@ -97,9 +97,22 @@ Once you've copied this information: - In the **Reply URL (Assertion Consumer Service URL)** field, paste the Assertion Consumer Service URL you've copied from Azion's interface. - In the **Sign on URL** field, paste the Login URL you've copied from Azion's interface. 4. Click the **Save** button. -5. On the **Attributes & Claims** box, click **Edit**. -6. In the **Unique User Identifier**, set the string *user.email* to use the email address as identifier. -7. Click the **Save** button. +5. In the **Attributes & Claims** box, click **Edit**. +After copying this information: +1. Access [Microsoft Entra admin center](https://entra.microsoft.com/). +2. Return to the **Single sign-on** section, by selecting it in the left menu. +3. In the **Basic SAML Configuration** box, click **Edit** and provide the following information: + - In the **Identifier (Entity ID)** field, paste the **Service Provider Entity ID URI** that you copied from the Azion interface. + - In the **Reply URL (Assertion Consumer Service URL)** field, paste the Assertion Consumer Service URL that you copied from the Azion interface. + - In the **Sign on URL** field, paste the Login URL that you copied from the Azion interface. + - Click the **Save** button. +5. In the **Attributes & Claims** box, click **Edit** and provide the following information: + - In the **Unique User Identifier**, set the string *user.primaryauthoritativeemail* to use the email address as the identifier. +6. In the **SAML Certificates** box - **Token signing certificate** topic, click **Edit** and provide the following information: + - Under **Signing Options** select the option **Sign SAML response and assertion**. + - Click the **Save** button. +7. Under **Signing Options**, edit and select **Sign SAML response and assertion**. +8. Click the **Save** button. After setting the service provider details, you can add users and groups, by selecting the **Users and groups** on the left side menu.