nocodb/packages/noco-docs/docs/140.account-settings/030.authentication/030.SAML-SSO/040.azure-ad.md

title, description, tags, keywords

title	description	tags	keywords
Azure AD (Entra)	Learn how to configure Active Directory as an identity provider for NocoDB.	SSO Active Directory SAML	SSO Active Directory SAML Authentication Identity Provider

:::info For SSO Access - please reach out to sales team. :::

This article briefs about the steps to configure Active Directory as Identity service provider for NocoDB

NocoDB, Retrieve SAML SSO Configuration details

1. Go to Account Settings
2. Select Authentication (SSO)
3. Click on New Provider button
4. On the Popup modal, Specify a Display name for the provider; note that, this name will be used to display the provider on the login page
5. Retrieve Redirect URL & Audience / Entity ID; these information will be required to be configured later with the Identity Provider

Azure AD, Configure NocoDB as an Application

1. Sign in to your Azure account and navigate to Microsoft Entra admin center > Identity > Enterprise applications
2. Click + New application
3. On the Browse Microsoft Entra Gallery page, select Create your own application from the navigation bar. a. Provide your application's name. b. Choose Integrate any other application you don't find in the gallery (Non-gallery) c. Create
4. On your application page, navigate to Manage > Single sign-on > SAML
5. Go to the Basic SAML Configuration section under Set up Single Sign-On with SAML and click Edit a. Add the Audience URI under Identifier (Entity ID). b. Add the Redirect URL under Replay URL (Assertion Consumer Service URL). c. Click Save
6. In the Attributes & Claims section, click Edit a. Edit the "Unique User Identifier (Name ID)" claim: - Select Email address from the Name identifier format dropdown - Choose Attribute as the Source - In the Source attribute, select user.mail - Click Save [//]: # ( b. (Optional) For custom claims:) [//]: # ( - Click Add new claim, provide details, and save.) [//]: # ( - Ensure the claim is visible in the Additional claims section.) [//]: # ( - Copy the claim name for later use in NocoDB SAML configurations.)
7. Go to the SAML Certificates section and copy the App Federation Metadata URL
8. on the Application's Overview page,
   • Click Users and groups,
   • Add the necessary users or groups to the application.

NocoDB, Configure Azure AD as an Identity Provider

1. Go to Account Settings > Authentication > SAML
2. Insert Metadata URL retrieved in step above; alternatively you can configure XML directly as well
3. Save

For Sign-in's, user should be able to now see Sign in with <SSO> option.

:::note Post sign-out, refresh page (for the first time) if you do not see Sign in with <SSO> option :::