Happy Business Starts Here

SSO Support for Azure Active Directory

Zuora Alumni

SSO Support for Azure Active Directory

How do I setup SSO in my Azure Active Directory?



If you found my answer helpful, please give me a kudo ↑
Help others find answers faster by accepting my post as a solution √

Tags (2)
3 REPLIES
Zuora Alumni

Re: SSO Support for Azure Active Directory

This feature is in a Controlled Release. Submit a request at Zuora Global Support to have SSO enabled for your tenant and for the Zuora Metadata for the oppriate enviroment (eg Sandbox or Production). Please note that SSO is not available for services enviroments or performance enviroments. Please also note that you can only have one tenant per enviroment with SSO enabled. 
 

For Azure you will need to have Azure Active Directory Premium, setup a custom application with the following attributes:

Signon URL (Optional) – Leave Blank

Identifer: https://apisandbox.zuora.com
Reply URL: https://apisandbox.zuora.com/apps/saml/SSO/alias/defaultAlias
and change the nameid-format from Unspecified to Email format:

(https://azure.microsoft.com/en-us/documentation/articles/active-directory-saml-claims-customization/)

Download the Certificate

Send XML metadata to support

Please note that when submitting a request to have SSO enabled please have the following information:

Tenant ID #:

Environment:

Identity Provider (IdP) :

Metadata file(attach to reply):

Logout URL(if any): http://myapps.microsoft.com

 

Resources:

Azure Active Directory Editions - https://azure.microsoft.com/en-us/documentation/articles/active-directory-editions/

Azure Active Directory Custom Apps - https://azure.microsoft.com/en-us/documentation/articles/active-directory-saas-custom-apps/

Azure Active Directory SAML Claims Customization - https://azure.microsoft.com/en-us/documentation/articles/active-directory-saml-claims-customization/



If you found my answer helpful, please give me a kudo ↑
Help others find answers faster by accepting my post as a solution √

Zuora Alumni

Re: SSO Support for Azure Active Directory

This feature is in a Controlled Release. Submit a request at Zuora Global Support to have SSO enabled for your tenant and for the Zuora Metadata for the oppriate enviroment (eg Sandbox or Production). Please note that SSO is not available for services enviroments or performance enviroments. Please also note that you can only have one tenant per enviroment with SSO enabled. 
 

For Azure you will need to have Azure Active Directory Premium, setup a custom application with the following attributes:

Signon URL (Optional) – Leave Blank

Identifer: https://apisandbox.zuora.com
Reply URL: https://apisandbox.zuora.com/apps/saml/SSO/alias/defaultAlias
and change the nameid-format from Unspecified to Email format:

(https://azure.microsoft.com/en-us/documentation/articles/active-directory-saml-claims-customization/)

Download the Certificate

Send XML metadata to support

Please note that when submitting a request to have SSO enabled please have the following information:

Tenant ID #:

Environment:

Identity Provider (IdP) :

Metadata file(attach to reply):

Logout URL(if any): http://myapps.microsoft.com

 

Resources:

Azure Active Directory Editions - https://azure.microsoft.com/en-us/documentation/articles/active-directory-editions/

Azure Active Directory Custom Apps - https://azure.microsoft.com/en-us/documentation/articles/active-directory-saas-custom-apps/

Azure Active Directory SAML Claims Customization - https://azure.microsoft.com/en-us/documentation/articles/active-directory-saml-claims-customization/



If you found my answer helpful, please give me a kudo ↑
Help others find answers faster by accepting my post as a solution √

Valued Scholar

Re: SSO Support for Azure Active Directory

Does the Zuora - Azure integration support IDP-initiated authentication?