# Azure AD

**Overview**

This guide provides instructions on how to create and configure a SAML-based Single Sign-On (SSO) application in Azure Portal. Follow these steps to integrate your application with Protege.

**Step 1: Create a SAML Application in Azure Portal**

1. **Log in to Azure Portal:**
   * Sign in to the [Azure portal](https://portal.azure.com) using your administrator credentials.
2. **Register a New Application:**
   * Navigate to **Enterprise applications**.
   * Click on **New application**.
   * Select **Create your own application**.
   * Provide a name for the application and choose **Integrate any other application you don't find in the gallery (Non-gallery)**.<br>

     <figure><img src="/files/SPmFMIxOFXn5VRGOQ78O" alt=""><figcaption></figcaption></figure>
3. **Set Up SAML-based SSO:**
   * Under the application’s settings, go to **Single sign-on**.
   * Choose **SAML** as the single sign-on method.\
     ![](/files/ekW0c3ZmgCwrk3G097Ug)
4. **Basic SAML Configuration:**
   * On the **Basic SAML Configuration** section, click **Edit** and fill in the following fields: replace `{{org-name}}` with your organization name in `kebab-case`
     * **Identifier (Entity ID)**: `urn:auth0:protegeai:{{org-name}}-production`
     * **Reply URL (Assertion Consumer Service URL)**: [https://protegeai.us.auth0.com/login/callback?connection={{org-name}}-production](https://protegeai.us.auth0.com/login/callback?connection={{CLIENT}}-production)
     * **Sign on URL**: Leave this blank.

**Step 2: Provide the required information**

Please collect the information below and share with us.

1. **Primary Domain**
   * You can find the Primary domain in Microsoft Entra ID<br>

     <figure><img src="/files/IHsqDxxoElVOXrHEsvtU" alt=""><figcaption></figcaption></figure>
2. **Application ID**
   * The Application ID of the Enterprise Application you created in **Step 1**<br>

     <figure><img src="/files/yfFAy9w4sEtYuxkJHqd4" alt=""><figcaption></figcaption></figure>
3. **Client Secret**
   * Visit **App registrations** and open your new Enterprise Application<https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade>
   * Create a new secret and save the **Value**. Please note that the secret have an expiration so we need to renew the secret before it expires<br>

     <figure><img src="/files/55Q5sYhayEkjLd2tmF8x" alt=""><figcaption></figcaption></figure>

Once we have the required information above, our team will handle the remaining setup. We will inform you shortly once the integration is ready for use.

***Note:*** If you experience any issues during the linking process or have questions related to Single Sign-On (SSO) integration, please reach out to our support team at <founders@tryprotege.com>. We are available to assist you and ensure a seamless integration with your authentication system.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://gitbook.tryprotege.com/review/enterprise-features/enterprise-sso/azure-ad.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.