# SAML SSO - Microsoft Entra ID Here's a step-by-step tutorial on how you can setup SAML SSO with Microsoft Entra ID ## Part 1: Enable SAML SSO in Tability 1. Go to your workspace SSO settings and select the SAML SSO option as the authentication method.
2. Keep this screen open, we'll need it later. ## Part 2: Create a new application for Tability in Microsoft Entra ID 1. Open a new tab and go to Entra ID and click on **Enterprise applications** in the sidebar. ![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/60b049fe9c887a0dfc554454/images/611f3c54b37d837a3d0e585f/file-baW9aU3o54.png) 2. Create a new application by clicking on **New Application**. ![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/60b049fe9c887a0dfc554454/images/611f3caa21ef206e5592d416/file-bVpew6e3OZ.png) 3. In the Entra Gallery, click on the option to *Create your own application* and create a new app with the name "Tability". ![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/60b049fe9c887a0dfc554454/images/611f3cf6b55c2b04bf6e02cc/file-TtnMGAtTno.png) ## Part 3: Configure SAML SSO in Entra ID 1. In your created application, go to the Single sign-on screen and select SAML. ![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/60b049fe9c887a0dfc554454/images/611f3e1ab37d837a3d0e5865/file-V80kbgiUwt.png) 2. Edit the basic SAML configuration and copy the value from your workspace SSO settings in Tability. ![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/60b049fe9c887a0dfc554454/images/611f3f12f886c9486f8daa64/file-8WvPaIlzxS.png) 1. **Identifier (Entity ID)**: copy the value of the SP Entity ID ()\ 2. **Reply URL**: copy the value of the SP Consumer URL: ()\ 3. Edit the **Attributes & Claims** to change the Unique User Identifier to `user.email`
4. Save the settings in Azure Directory ## Part 4: Update SAML SSO settings in Tability 1. Download the Base 64 encoded SAML signing certificate from your application in Entra ID.
![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/60b049fe9c887a0dfc554454/images/611f4045f886c9486f8daa65/file-wm1nfLFRx1.png) 2. Update the SAML SSO settings in Tability.
![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/60b049fe9c887a0dfc554454/images/611f4103b55c2b04bf6e02d4/file-2waFxk5dDd.png) * Copy the content of the certificate, including the **BEGIN CERTIFICATE** and **END CERTIFICATE** to the IDP certificate field. * Copy the Login URL from Entra ID, and paste it into the IDP SSO URL field in Tability. 3. Click **Save** to confirm your settings. ## Part 5: Sign in via SSO to finalize your setup Once SAML is activated, it will be the only authentication method for your workspace. Make sure that your admin account in Tability is associated to a user in your Entra ID, otherwise, you might lose access to your workspace settings. To finalize the integration you need to sign in once via SAML SSO to validate your configuration. ![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/60b049fe9c887a0dfc554454/images/61223238f886c9486f8daf7e/file-QLOxrgmzJo.png) Click on the **Log in via SSO** button to sign in. Once you're logged in you should see a confirmation message at the top of your screen saying that "SAML SSO is enabled for all users." ![](https://d33v4339jhl8k0.cloudfront.net/docs/assets/60b049fe9c887a0dfc554454/images/61223349b55c2b04bf6e084c/file-c2WTVH6VD0.png) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://guides.tability.io/docs/become-a-tability-power-user/features/security-and-admin/saml-sso-microsoft-entra-id.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.