diff --git a/docs/pages/product/configuration/vpc/azure.mdx b/docs/pages/product/configuration/vpc/azure.mdx
index 2f1536291a1dd..6f056c62c7469 100644
--- a/docs/pages/product/configuration/vpc/azure.mdx
+++ b/docs/pages/product/configuration/vpc/azure.mdx
@@ -49,8 +49,8 @@ steps:
3. The Cube Cloud service principal has specific credentials. Check that the
following details match exactly what you see on the dialog box that pops up:
-- Client ID: `0c5d0d4b-6cee-402e-9a08-e5b79f199481`
-- Name: `cube-dedicated-infra-sp`
+- Client ID: `7f3afcf3-e061-4e1b-8261-f396646d7fc7`
+- Name: `cube-dedicated-infra-peering-sp`
Once you have confirmed that all the information is correct,
select Consent on behalf of your organization and
@@ -73,7 +73,7 @@ On the [Azure Portal][azure-console], go to Virtual networks
in the following details:
- Role: `Network Contributor` or `cube-peering-role`
-- Members: `cube-dedicated-infra-sp`
+- Members: `cube-dedicated-infra-peering-sp`
### Firewall
diff --git a/docs/pages/product/workspace/sso.mdx b/docs/pages/product/workspace/sso.mdx
index 08830b7ac237b..7bf5b893ef6f9 100644
--- a/docs/pages/product/workspace/sso.mdx
+++ b/docs/pages/product/workspace/sso.mdx
@@ -37,6 +37,11 @@ to get tool-specific instructions:
imageUrl="https://static.cube.dev/icons/google-cloud.svg"
title="Google Workspace"
/>
+
+
+Single sign-on with Microsoft Entra ID is available in Cube Cloud on
+[Enterprise](https://cube.dev/pricing) tier.
+[Contact us](https://cube.dev/contact) for details.
+
+
+
+## Enable SAML in Cube Cloud
+
+First, we'll enable SAML 2.0 authentication in Cube Cloud:
+
+1. Click your username from the top-right corner, then click Team &
+ Security.
+
+2. On the Authentication & SSO tab, ensure SAML 2.0 is
+ enabled:
+
+
+
+Take note of the Single Sign On URL and Service Provider Entity
+ID values here, as we will need them in the next step when we configure
+the SAML integration in Entra ID.
+
+## Create a new Enterprise Application in Azure
+
+Go to [Enterprise Applications](https://portal.azure.com/#view/Microsoft_AAD_IAM/StartboardApplicationsMenuBlade/~/AppAppsPreview)
+in your Azure account and click New application.
+
+
+
+Select Create your own application at the top:
+
+
+
+Give it a name and choose a *non-gallery application*:
+
+
+
+Go to the Single sign-on section and select SAML:
+
+
+
+Fill-in Entity ID and Reply URL from the [SAML
+configuration page](#enable-saml-in-cube-cloud) in Cube Cloud:
+
+
+
+Go to Attributes & Claims → Edit → Advanced settings:
+
+
+
+Set the audience claim override to the value given you by the [SAML
+configuration page](#enable-saml-in-cube-cloud) in Cube Cloud:
+
+
+
+Go to SAML Certificates → Edit and select Sign SAML response
+and assertion for Signing Option:
+
+
+
+Download Federation Metadata XML:
+
+
+
+## Complete configuration in Cube Cloud
+
+Upload it to Cube Cloud through Advanced Settings tab on the [SAML
+configuration page](#enable-saml-in-cube-cloud) in Cube Cloud:
+
+
+
+Select SHA-256 as Signature Algorithm:
+
+
+
+Enter “[http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name](http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name)”
+or a preferred attribute to lookup email address in Attributes → Email:
+
+
+
+Save settings on the Cube Cloud side.
+
+## Final steps
+
+Make sure the new Azure application is assigned to some users or a group:
+
+
+
+At the bottom of the Single sign-on section, select Test
+and verify that the SAML integration now works for your Cube Cloud account:
+
+
+
+Done! 🎉
+
+[ext-ms-entra-id]: https://www.microsoft.com/en-us/security/business/identity-access/microsoft-entra-id
\ No newline at end of file