Using SAML 2.0 with Microsoft Active Directory in Azure: A Step-by-Step Guide

SAML 2.0 is a widely adopted standard for secure single sign-on (SSO) authentication and authorization. Integrating SAML 2.0 with Azure AD enables organizations to streamline access management and enhance security for their applications and services.

In this article, we will explore how to configure and use SAML 2.0 (Security Assertion Markup Language) with Microsoft Active Directory (AD) in Azure.

Note: Single Sign-On (SSO) with SAML 2.0 is accessible in LMS Enterprise plans, including Silver, Gold, Premium, and Enterprise tiers.

Configure Azure Active Directory (AD) for SAML Integration

Step 1:

Sign in to the Azure portal using your administrator account. Navigate to 'Enterprise applications'.

Step 2:

Click on the 'New Application' button.

Step 3:

Search for BrainCert in the gallery. If it is unavailable, click 'Create your Own Application' to create a custom SAML 2.0 integration.


Step 4:

Enter 'BrainCert' in the field and click the 'Create' button.

Set Up SAML Integration in Azure AD

Step 5:

The application is now created.
Note: Add an Icon for BrainCert (optional)
To make it easier for users to identify the BrainCert application, you can upload a custom icon in the Properties section of the BrainCert application setup in Azure AD.

Step 6:

In the newly created application, go to 'Single sign-on'.

Step 7:

Select 'SAML' as the single sign-on method.


Step 8:

Click on the 'Edit' option to edit the Basic SAML Configuration.

Obtain the SAML metadata file from BrainCert LMS, and then upload it to Azure AD. Also, map the necessary attributes (such as NameID and email) between Azure AD and BrainCert LMS.

Configure Microsoft Active Directory for SAML Authentication

Step 9:

Log in to your BrainCert account and open 'Extensions' in 'Global Settings'.


Step 10:

Make sure to toggle the 'SAML 2.0' extension and click on the 'Save' button.

Step 11:

Now, open 'User Registration' in 'Global Settings'.

Step 12:

Go to Single Sign-On (SSO) and copy the 'Entity ID', 'Recipient', 'ACS Url', and 'Logout URL' from the Service Provider page.


Step 13:

Return to Azure Active Directory, then navigate to Basic SAML Configuration. Paste the URL and ID copied from BrainCert LMS, and finally, click on the 'Save' icon.


Test and Verify SAML Integration

Step 14:

Navigate to 'Test Single Sign-On with Braincert' and click the 'Test' button.


Step 15:

Click on the 'Test Sign in' button.


Once authenticated, Azure AD will issue a SAML assertion to the application, granting access based on the user's identity and attributes.

Integrating SAML 2.0 with Microsoft Active Directory in Azure provides a secure and seamless SSO experience for users accessing applications and services. This configuration enhances security by centralizing access management and simplifies user provisioning and authentication across your organization's cloud infrastructure. 
