Assign AD to the Azure identity provider
Add AD to ETP. For instructions, see Add a directory.
Before you begin
Complete this procedure to assign your Active Directory (AD) to your Microsoft Azure AD third-party SAML identity provider.
To review the overall setup process for adding Azure as a third-party SAML identity provider, see Set up Microsoft Azure as a third-party SAML identity provider.
- In the Enterprise Center navigation menu, select .
- Click the name of the Azure identity provider.
- Click the Directories tab.
- Click the link icon and select the AD that you added.
- Click Associate.
- Confirm that users are synchronized and appear in ETP, including the user you associated with the application in Azure AD.
- Deploy the identity provider:
- If you are trying the new Enterprise Center interface, in the identity provider configuration, you can click the icon next to the Ready for Deployment status. A deployment icon also appears next to a failed deployment status in case you need to deploy the identity provider again. This action starts the deployment process.
- Deploy identity provider configuration changes in the list of Pending Changes. For more information, see Deploy configuration changes
- If this is the first Azure identity provider that you are creating, add the Azure identity provider domains to an exception list. See Add identity provider domains to an exception list.
- Associate the identity provider with a policy that’s enabled for authentication. For more information, see Require authentication to access a website or web application.
- Test single sign-on (SSO). After you assign the identity provider to a policy for authentication, you can try to access a website that requires authentication with the test user account you created.