Azure AD

  1. First, go to the Azure portal and select Azure Active Directory. Then go to "Enterprise Application" and create a new application. Now, select "Non gallery application".

  2. You will land on this page, where you can set your app name.

  3. Select your newly created application and click on Single Sign On. Choose SAML application.

  4. Now, you need to configure the Service Provider in Azure. Click on Edit in the first box. Use these values:
    - The `Identifier (Entity Id)` field is filled with the `SP Entity ID` value from the GitGuardian dashboard.
    - The `Reply URL (Assertion Consumer Service URL)` field is filled with the `ACS URL` value from the GitGuardian dashboard.
    Don't forget to click on "Save".

  5. Now, some mappings need to be done. Select 'Edit' on the 'User Attributes & Claims' box. Click on 'Add new claim'. Leave 'Namespace' empty and use these values:
    - `Name: first_name` + `Source attribute: user.givenname`
    - `Name: last_name` + `Source attribute: user.surname`
    Don't forget to click on "Save".

You also need to make sure that the User ID claim is set to Email.

  6. Set up how responses and assertions are signed. Choose 'Sign both' and 'SHA-256' as the digest algorithm.

  7. Now, you need to configure the Identity Provider in the GitGuardian dashboard. Use these values:
    • The `Entity Id` field is filled with the Azure AD Identifier.
    • The `Single Sign-On URL` field is filled with the Login URL.
    • The `X509 Cert` field is filled with the certificate. Download the Base64 certificate, print it with `cat`, and copy/paste the plaintext value.

  8. Test your app configuration by clicking on "Test".
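
If the test login fails, checking a captured SAML response against the settings from the steps above shows which step is misconfigured. The Python sketch below is an added example, not GitGuardian or Microsoft code: `check_saml_response`, the e-mail pattern and the sample response are constructed for illustration, and it checks structure only without verifying the signatures.

```python
import re
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
REQUIRED_ATTRS = {"first_name", "last_name"}  # claim names from the mapping step

def check_saml_response(xml_text):
    """Return a list of configuration problems (empty list = all checks pass).
    Structural check only: signatures are NOT verified cryptographically."""
    problems = []
    response = ET.fromstring(xml_text)
    assertion = response.find("saml:Assertion", NS)
    if assertion is None:
        return ["no unencrypted Assertion found"]
    # 'Sign both': expect a Signature directly under the Response and the Assertion.
    for label, node in (("response", response), ("assertion", assertion)):
        sig = node.find("ds:Signature", NS)
        if sig is None:
            problems.append(f"{label} is not signed")
            continue
        for tag in ("SignatureMethod", "DigestMethod"):
            algs = [e.get("Algorithm", "") for e in sig.iter(f"{{{NS['ds']}}}{tag}")]
            if not algs or not all(a.endswith("sha256") for a in algs):
                problems.append(f"{label} {tag} is not SHA-256")
    # User ID claim set to Email: the NameID should hold an e-mail address.
    name_id = assertion.findtext("saml:Subject/saml:NameID", "", NS).strip()
    if not re.fullmatch(r"[^@\s]+@[^@\s]+\.[^@\s]+", name_id):
        problems.append("NameID is not an e-mail address")
    # Claims added with an empty namespace arrive under their bare names.
    found = {a.get("Name") for a in
             assertion.iterfind("saml:AttributeStatement/saml:Attribute", NS)}
    problems += [f"missing attribute {n}" for n in sorted(REQUIRED_ATTRS - found)]
    return problems

# Constructed sample: fictional user, signature values omitted.
SIG = ('<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo>'
       '<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>'
       '<ds:Reference><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>'
       '</ds:Reference></ds:SignedInfo></ds:Signature>')
SAMPLE = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
          'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">' + SIG +
          '<saml:Assertion>' + SIG +
          '<saml:Subject><saml:NameID>alice@example.com</saml:NameID></saml:Subject>'
          '<saml:AttributeStatement><saml:Attribute Name="first_name"/>'
          '<saml:Attribute Name="last_name"/></saml:AttributeStatement>'
          '</saml:Assertion></samlp:Response>')

if __name__ == "__main__":
    print(check_saml_response(SAMPLE) or "OK")
```

Run it only on a response captured from your own test login; an empty result means the response matches the signing, User ID and claim settings configured above.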