
Using SAML 2.0 with Microsoft Active Directory in Azure: A Step-by-Step Guide


SAML 2.0 is a widely adopted standard for secure single sign-on (SSO) authentication and authorization. Integrating SAML 2.0 with Azure AD enables organizations to streamline access management and enhance security for their applications and services.

In this article, we will explore how to configure and use SAML 2.0 (Security Assertion Markup Language) with Microsoft Active Directory (AD) in Azure.

Note: Single Sign-On (SSO) with SAML 2.0 is accessible in LMS Enterprise plans, including Silver, Gold, Premium, and Enterprise tiers.


Configure Azure Active Directory (AD) for SAML Integration

Step 1:

Sign in to the Azure portal (https://portal.azure.com) using your administrator account. Navigate to 'Enterprise applications'.


Step 2:

Click on the 'New Application' button.


Step 3:

Search for BrainCert in the gallery. If it is unavailable, click 'Create your Own Application' to create a custom SAML 2.0 integration.


Step 4:

Enter 'BrainCert' in the field and click the 'Create' button.


Set Up SAML Integration in Azure AD

Step 5:

The application is now created.
Note: Add an Icon for BrainCert (optional)
To make it easier for users to identify the BrainCert application, you can upload a custom icon in the Properties section of the BrainCert application setup in Azure AD.


Step 6:

In the newly created application, go to 'Single sign-on'.

Step 7:

Select 'SAML' as the single sign-on method.



Step 8:

Click on the 'Edit' option to edit the Basic SAML Configuration.

Obtain the SAML metadata file from BrainCert LMS, and then upload it to Azure AD. Also, map the necessary attributes (such as NameID and email) between Azure AD and BrainCert LMS.


Configure Microsoft Active Directory for SAML Authentication

Step 9:

Log in to your BrainCert account and open 'Extensions' in 'Global Settings'.



Step 10:

Make sure to toggle the 'SAML 2.0' extension and click on the 'Save' button.


Step 11:

Now, open 'User Registration' in 'Global Settings'.


Step 12:

Go to Single Sign-On (SSO) and copy the 'Entity ID', 'Recipient', 'ACS Url', and 'Logout URL' from the Service Provider page.



Step 13:

Return to Azure Active Directory, then navigate to Basic SAML Configuration. Paste the URL and ID copied from BrainCert LMS, and finally, click on the 'Save' icon.



Test and Verify SAML Integration

Step 14:

Navigate to 'Test Single Sign-On with BrainCert' and click the 'Test' button.



Step 15:

Click on the 'Test Sign in' button.



Once authenticated, Azure AD will issue a SAML assertion to the application, granting access based on the user's identity and attributes.
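If the test sign-in fails, the cause is often a mismatch between the values copied in Step 12 and what Azure AD places in the assertion. The following Python check is an added example, not BrainCert or Microsoft code; the URLs, `build_sample` and `check_response` are assumptions made for illustration, and the sample response is constructed.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Constructed placeholders: use the Entity ID and ACS Url copied in Step 12.
SP_ENTITY_ID = "https://lms.example.com/saml/metadata"
SP_ACS_URL = "https://lms.example.com/saml/acs"

def build_sample(audience, recipient, destination, name_id="user@example.com"):
    """Build a constructed, unsigned SAMLResponse (base64, as in HTTP-POST)."""
    xml = f"""<samlp:Response xmlns:samlp="{NS['samlp']}"
 xmlns:saml="{NS['saml']}" Destination="{destination}">
 <saml:Assertion>
  <saml:Subject>
   <saml:NameID>{name_id}</saml:NameID>
   <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <saml:SubjectConfirmationData Recipient="{recipient}"/>
   </saml:SubjectConfirmation>
  </saml:Subject>
  <saml:Conditions><saml:AudienceRestriction>
   <saml:Audience>{audience}</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
 </saml:Assertion>
</samlp:Response>"""
    return base64.b64encode(xml.encode()).decode()

def check_response(b64_response, entity_id, acs_url):
    """List mismatches between a captured SAMLResponse and the SP settings."""
    # Configuration sanity check only: it does not verify the XML signature
    # or validity window, so it is no substitute for the SP's own validation.
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    if root.get("Destination") != acs_url:
        problems.append("Destination does not match the ACS URL")
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return problems + ["no unencrypted Assertion in response"]
    audiences = [a.text for a in assertion.iterfind(".//saml:Audience", NS)]
    if entity_id not in audiences:
        problems.append("Audience does not contain the SP Entity ID")
    scd = assertion.find(".//saml:SubjectConfirmationData", NS)
    if scd is None or scd.get("Recipient") != acs_url:
        problems.append("Recipient does not match the ACS URL")
    name_id = assertion.find("saml:Subject/saml:NameID", NS)
    if name_id is None or not (name_id.text or "").strip():
        problems.append("NameID is missing or empty")
    return problems

if __name__ == "__main__":
    print(check_response(build_sample(SP_ENTITY_ID, SP_ACS_URL, SP_ACS_URL),
                         SP_ENTITY_ID, SP_ACS_URL))
```

To use it on a real test sign-in, pass the base64 `SAMLResponse` form field captured from the browser in place of the constructed sample.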

Integrating SAML 2.0 with Microsoft Active Directory in Azure provides a secure and seamless SSO experience for users accessing applications and services. This configuration enhances security by centralizing access management and simplifies user provisioning and authentication across your organization's cloud infrastructure. 
