To configure SAML Single Sign-on to Funnel from Azure AD follow these steps:
In Azure Portal:
- Go to Azure Active Directory/Enterprise Applications
- Click "New application" and then "Create your own application"
- Name the application and select the option "Integrate any other application you don't find in the gallery" and click "Create"
- Assign users and groups to your newly created application. Note that the email address of the users must exist in Funnel in order for SAML sign in to work.
- Go to Single sign on/SAML and enter the following properties into the Basic SAML Configuration from the Subscription page/Single Sign-on tab in the Funnel app:
Identifier (Entity ID)
Sign on URL - leave blank
Logout Url - leave blank
6. When "Basic SAML Configuration" is done the SAML Signing Certificate will be available. Download Certificate (base 64) and paste it in the Funnel X.509 Certificate field.
7. Copy the following fields from Azure and paste into Funnel
Identity Provider Single Sign-On URL
Azure AD Identifier
Identity Provider Issuer