# SAML

**Overview**

This documentation will guide you through the process of creating a new enterprise application in Azure Portal and configuring Single Sign-On (SSO) using SAML.

**Step 1: Create a SAML Application in Azure Portal**

1. **Log in to Azure Portal:**
   * Sign in to the [Azure portal](https://portal.azure.com) using your administrator credentials.
2. **Register a New Application:**
   * Navigate to **Enterprise applications**.
   * Click on **New application**.
   * Select **Create your own application**.
   * Provide a name for the application and choose **Integrate any other application you don't find in the gallery (Non-gallery)**.<br>

     <figure><img src="https://2804394160-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD9Htw9DUg294GuYmAyyj%2Fuploads%2Fgit-blob-6a0cb6c252eb52ee023d9506c1291a0e6b700830%2FCleanShot%202024-08-13%20at%2000.25.05%402x.png?alt=media" alt=""><figcaption></figcaption></figure>
3. **Set Up SAML-based SSO:**
   * Under the application’s settings, go to **Single sign-on**.
   * Choose **SAML** as the single sign-on method.\
     ![](https://2804394160-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD9Htw9DUg294GuYmAyyj%2Fuploads%2Fgit-blob-3354cca9293ec85973847f2cbfc196b2646a477a%2FCleanShot%202024-08-13%20at%2000.27.41%402x.png?alt=media)
4. **Basic SAML Configuration:**
   * On the **Basic SAML Configuration** section, click **Edit** and fill in the following fields: replace `{{org-name}}` with your organization name in `kebab-case`
     * **Identifier (Entity ID)**: `urn:auth0:protegeai:{{org-name}}-production`
     * **Reply URL (Assertion Consumer Service URL)**: [https://protegeai.us.auth0.com/login/callback?connection={{org-name}}-production](https://protegeai.us.auth0.com/login/callback?connection={{CLIENT}}-production)
     * **Sign on URL**: Leave this blank.

**Step 2: Provide the required information**

Please collect the information below and share with us.

1. **SAML Signing Certificate:**
   * Edit **Token signing certificate** then download the PEM certificate<br>

     <figure><img src="https://2804394160-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD9Htw9DUg294GuYmAyyj%2Fuploads%2Fgit-blob-00a2f5fb1f1e9edf34e4bb1bbb8ca37858e358a8%2FCleanShot%202024-08-13%20at%2000.46.15%402x.png?alt=media" alt=""><figcaption></figcaption></figure>

     <figure><img src="https://2804394160-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD9Htw9DUg294GuYmAyyj%2Fuploads%2Fgit-blob-907d9d8da6a154ce59f62236ab12a8ad9cc4f068%2FCleanShot%202024-08-13%20at%2000.44.39%402x.png?alt=media" alt=""><figcaption></figcaption></figure>
2. **URLs and Identifier**
   * Login URL
   * Microsoft Entra Identifier
   * Logout URL<br>

     <figure><img src="https://2804394160-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD9Htw9DUg294GuYmAyyj%2Fuploads%2Fgit-blob-dc801c4f48758d02104e192b6c9d6bd4d767a8c4%2FCleanShot%202024-08-13%20at%2009.48.29.png?alt=media" alt=""><figcaption></figcaption></figure>

Once we have the required information above, our team will handle the remaining setup. We will inform you shortly once the integration is ready for use.

***Note:*** If you experience any issues during the linking process or have questions related to Single Sign-On (SSO) integration, please reach out to our support team at <founders@tryprotege.com>. We are available to assist you and ensure a seamless integration with your authentication system.