Skip to main content
The following is a generic guide for setting up SSO through Azure AD as a SAML app. The exact setup may differ depending on the version of Okta and desired setup.

SAML app setup

Various configurations for Azure are supported. The following is an example of an Azure setup.
  1. Log into the Azure dashboard
  2. Head over to Microsoft Entra ID -> Add -> Enterprise Application
  3. Enter a name for the new app. This needs to match the name of the connection created in the configuration, so the following is recommended. If a different identifier is chosen then that needs to be reflected in all the configuration below. The gr4vy_id here is the name of the instance.
    • Sandbox: {instance_id}-sandbox-saml
    • Production: {instance_id}-production-saml
  4. Select the non-gallery option for the app type and select Create
  5. Select Single sign-on in the left menu
  6. Select SAML for the SSO method
  7. Edit the Basic SAML Configuration
    • Set the identifier
      • Sandbox: urn:auth0:gr4vy:{instance_id}-sandbox-saml
      • Production: urn:auth0:gr4vy:{instance_id}-production-saml
    • Set the Reply URL
      • Sandbox: https://auth.gr4vy.com/login/callback?connection={instance_id}-sandbox-saml&organization={instance_id}
      • Production: https://auth.gr4vy.com/login/callback?connection={instance_id}-production-saml&organization={instance_id}
  8. Click Save
  9. Download the Base64 Certificate from the SAML Signing Certificate box
  10. Copy the Login URL

Users access

Once an app is set up, it’s important to make sure the right users have access to the app. This is something that can be configured on the user profile, through a group, or through app properties. In either setup, it’s important to apply the following profile properties to the intended users.
Detailed instructions for Azure pending.