SSOAzure AD
Azure AD SSO Setup Guide
Configure SAML 2.0 Single Sign-On with Microsoft Azure Active Directory
⏱️ 10 min read•Last updated: December 2025
1Create an Enterprise Application
- Log in to the Azure Portal (portal.azure.com)
- Navigate to Azure Active Directory → Enterprise applications
- Click + New application
- Click + Create your own application
- Name it "ViksaAI" and select "Integrate any other application you don't find in the gallery (Non-gallery)"
- Click Create
2Configure Single Sign-On
- In the application overview, click Single sign-on in the left menu
- Select SAML as the single sign-on method
Edit the Basic SAML Configuration with these values:
| Identifier (Entity ID) | https://viksaai.com/saml/metadata |
| Reply URL (ACS URL) | https://api.viksaai.com/auth/auth/sso/saml/callback |
| Sign on URL | https://os.viksaai.com/login |
3Configure Attributes & Claims
Edit Attributes & Claims to add these mappings:
| Claim name | Source attribute |
|---|---|
email | user.mail |
first_name | user.givenname |
last_name | user.surname |
groups | user.groups [All] |
4Copy Azure AD SSO Settings
In the Set up ViksaAI section (Section 4), copy:
- Login URL - This is your IdP SSO URL
- Azure AD Identifier - This is your IdP Entity ID/Issuer
In Section 3, download the Certificate (Base64).
5Assign Users
- Go to Users and groups in the left menu
- Click + Add user/group
- Select the users or groups that should have access to ViksaAI
- Click Assign
6Configure ViksaAI
- Go to Settings → SSO in your ViksaAI dashboard
- Select SAML 2.0 as the protocol
- Select Azure AD as the provider
- Enter your email domain
- Paste the Azure AD Identifier as IdP Entity ID/Issuer
- Paste the Login URL as IdP SSO URL
- Open the downloaded certificate and paste its contents
- Click Save Configuration
7Verify Domain and Enable
- Complete domain verification by adding the DNS TXT record
- Click Test Connection to validate
- Click Enable SSO
🎉 Done! Your Azure AD users can now sign in to ViksaAI using SSO.