How To Set Up Your Own Microsoft App (SAML)
Go to Azure Active Directory, and then go to Enterprise Applications.
Click New Application.
- Click Create your own application.
- Enter a name for your application (we recommend using your organization name).
- Select Integrate any other application you don't find in the gallery (Non-gallery).
- Click Create.
Alternatively, you can choose an existing SAML app from Microsoft.
Go to the Single sign-on page, and select SAML.
On the Single sign-on page, click the edit button at the top right of the Basic SAML Configuration section.
- For Entity ID, enter anything you want. For example, you can enter your company name.
- For Reply URL, enter:
- If required, for the Sign on URL enter:
- Click Save.
For the User Attributes & Claims section, ensure that at least the following are present:
- Download the Federation Metadata XML for the Bread & Butter configuration below. Specifically, take note of the Login URL, Identifier (Entity ID) and X.509 Certificate.
- Set a reminder for yourself to generate a new Certificate before it expires. If the Certificate expires, your users will no longer be able to log in with the provider.
Bread & Butter Setup:
- Go to https://app.breadbutter.io/sign-in/
- Click Sign In and authenticate (or click Sign Up to make a new account and authenticate).
- Navigate to Providers, then to Default Rules (or Domain Rules and open/create a domain module).
- Click on the Microsoft button under Enterprise Identity Providers.
- Choose SAML for the protocol.
- Enter a name.
- Enter a description (optional).
- Enter the Login URL from the setup page in Azure.
- In the Client ID field, enter the Identifier (Entity ID) that you set above.
- In the X.509 Certificate field, enter the X.509 certificate from the Federation Metadata XML document that you downloaded above. Do not include the BEGIN and END tags.
- Click Save & close.
- Enable Microsoft by clicking the new entry in the Microsoft Identity Providers list.
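
The Login URL and X.509 Certificate values entered above can be read out of the downloaded Federation Metadata XML with a short script, which also strips the BEGIN and END tags and prints a SHA-256 fingerprint for confirming that the pasted value matches the file. This is an added example, not Bread & Butter or Microsoft code: the function names and the sample metadata (including its placeholder certificate) are constructed, and it assumes the Login URL is the SingleSignOnService Location in the IDPSSODescriptor.

```python
import base64
import hashlib
import re
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample metadata; the certificate is a placeholder, not a real X.509 blob.
SAMPLE_METADATA = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://idp.example/constructed/">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data><X509Certificate>
        Q09OU1RSVUNURUQt
        UExBQ0VIT0xERVI=
      </X509Certificate></X509Data></KeyInfo>
    </KeyDescriptor>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://login.example/constructed-tenant/saml2"/>
  </IDPSSODescriptor></EntityDescriptor>"""


def normalize_cert(text):
    """Return single-line base64 with PEM BEGIN/END lines and whitespace removed."""
    body = re.sub(r"-----(BEGIN|END) CERTIFICATE-----", "", text)
    body = "".join(body.split())
    base64.b64decode(body, validate=True)  # raises on non-base64 characters or bad padding
    return body


def read_idp_settings(metadata_xml):
    """Extract the Login URL and signing certificate from SAML IdP metadata."""
    if "<!DOCTYPE" in metadata_xml:
        raise ValueError("metadata must not contain a DTD")
    idp = ET.fromstring(metadata_xml).find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor in metadata")
    sso = idp.find("md:SingleSignOnService", NS)
    cert = idp.find("md:KeyDescriptor[@use='signing']//ds:X509Certificate", NS)
    if sso is None or cert is None or not cert.text:
        raise ValueError("metadata lacks a login URL or signing certificate")
    b64 = normalize_cert(cert.text)
    fingerprint = hashlib.sha256(base64.b64decode(b64)).hexdigest()
    return {"login_url": sso.get("Location"), "certificate": b64, "sha256": fingerprint}


if __name__ == "__main__":
    print(read_idp_settings(SAMPLE_METADATA))
```

Running `normalize_cert` on the text pasted into the X.509 Certificate field and hashing the decoded result should give the same fingerprint as the one computed from the file.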