Complete this procedure to add Microsoft Azure AD as a third-party SAML identity provider.
How to
- In the navigation menu, select .
  Note: If you are trying the new Enterprise Center interface, in the navigation menu, select .
- Configure basic identity provider settings:
  - In the Name and Description fields, enter a name and description for the IdP.
  - In the Provider Type menu, select Third-Party SAML.
  - Click Continue.
- In the General settings section:
  - For Identity Intercept, select Use Akamai domain and enter a hostname. The identity intercept is the URL for the authentication page that’s presented to users. The hostname you provide here is the one you entered in the Set up single sign-on for Enterprise Application Access application procedure.
  - In the Akamai Cloud Zone, select a cloud zone that is closest to the user base.
- In the Session section, use the default settings for the Session Idle Expiry, Limit Session Life, and Max Session Duration fields.
- In the Authentication section, complete these steps:
  - In the URL field, enter the URL that you provided for the Identity Intercept.
  - Select Sign SAML request.
  - Select Encrypted SAML response.
  - For the IdP metadata file, click Choose File.
  - Browse to the metadata file and click Open.
- In the Advanced Settings, select Enable authorization.
- Click Save.
Next steps
- Create and download an identity connector
- Add AD to ETP. As part of this procedure, make sure you assign an identity connector to the directory. For instructions, see Add a directory.
- Assign AD to the Azure identity provider