ViksaAIDocs
Start now

Azure AD SSO Setup Guide

Configure SAML 2.0 Single Sign-On with Microsoft Azure Active Directory

Create an Enterprise Application#

  1. Log in to the Azure Portal (portal.azure.com)
  2. Navigate to Azure Active DirectoryEnterprise applications
  3. Click + New application
  4. Click + Create your own application
  5. Name it "ViksaAI" and select "Integrate any other application you don't find in the gallery (Non-gallery)"
  6. Click Create

Configure Single Sign-On#

  1. In the application overview, click Single sign-on in the left menu
  2. Select SAML as the single sign-on method

Edit the Basic SAML Configuration with these values:

FieldValue
Identifier (Entity ID)
https://viksaai.com/saml/metadata
Reply URL (ACS URL)
https://api.viksaai.com/auth/auth/sso/saml/callback
Sign on URL
https://app.viksaai.com/login

Configure Attributes & Claims#

Edit Attributes & Claims to add these mappings:

Claim nameSource attribute
email
user.mail
first_name
user.givenname
last_name
user.surname
groups
user.groups [All]

Copy Azure AD SSO Settings#

In the Set up ViksaAI section (Section 4), copy:

  • Login URL — your IdP SSO URL
  • Azure AD Identifier — your IdP Entity ID/Issuer

In Section 3, download the Certificate (Base64).

Assign Users#

  1. Go to Users and groups in the left menu
  2. Click + Add user/group
  3. Select the users or groups that should have access to ViksaAI
  4. Click Assign

Configure ViksaAI#

  1. Go to Settings → SSO in your ViksaAI dashboard
  2. Select SAML 2.0 as the protocol
  3. Select Azure AD as the provider
  4. Enter your email domain
  5. Paste the Azure AD Identifier as IdP Entity ID/Issuer
  6. Paste the Login URL as IdP SSO URL
  7. Open the downloaded certificate and paste its contents
  8. Click Save Configuration

Verify Domain and Enable#

  1. Complete domain verification by adding the DNS TXT record
  2. Click Test Connection to validate
  3. Click Enable SSO