Azure as identity provider - SSO Setup

Note: During this process, Truora must provide information that you will use in certain steps, and you will later need to supply information to complete the process. Before starting, contact your sales representative or the support line.

Step 1: Add an AWS Single Account Access Application in Azure

  1. Log in to the Azure portal.
  2. Search for Enterprise Applications.
  3. Create a new application.
  4. In the cloud platform section, select AWS.
  5. Then, choose AWS Single Account Access.
  6. Assign a name to the application.
  7. Click Create.

Step 2: Assign users and groups

Provide specific users and groups access to the application.

  1. In the registered app, navigate to Users and Groups.
  2. Click on Add user/group.
  3. Select the users or groups you want to assign to the application.
  4. Confirm your selection and click Assign to grant access.

Step 3: Set up single sign-on

Enable users to sign into the application using their Microsoft Entra credentials.

  1. In the registered app, go to Management.
  2. Select Single Sign-On.
  3. Choose the SAML method.
  4. Configure the basic SAML settings by entering the Identifier and Reply URL provided by Truora. Examples:
    • Identifier: urn:amazon:cognito:sp:«region»:«identifier»
    • Reply URL: https://«your-cognito-domain».auth.«region».amazoncognito.com
  5. Click Save.

Step 4: Share SAML Certificates

Copy the App Federation Metadata URL and download the Federation Metadata XML. Ensure both are shared securely with Truora to facilitate the integration process.