Setting up Entra ID for SAML

For detailed information on how to set up SAML-based single sign-on for Verify Privilege Vault in Entra ID, see Microsoft's Enable single sign-on for an enterprise application.

Users must have Entra Domain Services already configured to use Entra ID.

Adding Users to Single Sign-On in Entra ID

Follow the steps in the Register the user account guide to learn how to register a user account for your application.

If you have accounts in which the sAMAccountName differs from the UPN name, you can create custom rules to accommodate the differences. See Directory Services.

Entra ID Configuration Steps

For more information on how to set up SAML-based single sign-on for Verify Privilege Vault in Entra ID, see Microsoft's Enable single sign-on for an enterprise application.
You must have SAML already set up in Verify Privilege Vault with a valid certificate. See the Setting up Verify Privilege Vault section in Configuring SAML Single Sign-on.

Follow the steps in Configure SAML setting to register a user account for your application.

Advanced Settings

The following Verify Privilege Vault Identity Provider Advanced Settings can be configured in Entra ID:

If you apply advanced certificate signing settings to the Verify Privilege Vault IdP application in Entra ID, return to the Identity Providers page in Verify Privilege Vault, click the button next to the provider, and select Advanced Settings to apply the same settings.
Custom claims can be configured within the Azure Enterprise Application in order to match the incoming claim to the Verify Privilege Vault username.
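
When a sAMAccountName differs from the UPN, it helps to see which value in the assertion actually equals the vault username, and which signing algorithm Entra ID used, before changing settings on either side. The following is an added example, not part of the product documentation. The assertion is constructed, the `samaccountname` claim name and the user values are hypothetical, and case-insensitive username comparison is an assumption.

```python
import xml.etree.ElementTree as ET

NS = {
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Constructed sample assertion (not captured from a real tenant); signature body omitted.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:Signature><ds:SignedInfo>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
  </ds:SignedInfo></ds:Signature>
  <saml:Subject><saml:NameID>jane.doe@example.com</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
      <saml:AttributeValue>jane.doe@example.com</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="samaccountname">
      <saml:AttributeValue>jdoe</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

def summarize(xml_text):
    """Extract signing algorithm, NameID and claims. Diagnostic only: no signature validation."""
    root = ET.fromstring(xml_text)
    sig = root.find(".//ds:SignatureMethod", NS)
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    claims = {}
    for attr in root.iterfind(".//saml:Attribute", NS):
        values = [v.text or "" for v in attr.iterfind("saml:AttributeValue", NS)]
        claims[attr.get("Name")] = values
    return {
        "signature_algorithm": sig.get("Algorithm") if sig is not None else None,
        "name_id": name_id.text if name_id is not None else None,
        "claims": claims,
    }

def claims_matching(summary, vault_username):
    """Return 'NameID' and/or claim names whose value equals the vault username.
    Case-insensitive comparison is an assumption of this example."""
    want = vault_username.casefold()
    hits = ["NameID"] if (summary["name_id"] or "").casefold() == want else []
    for name, values in summary["claims"].items():
        if any(v.casefold() == want for v in values):
            hits.append(name)
    return hits
```

An empty result from `claims_matching` means no value in the assertion equals the vault username, which is the case a custom claim or custom rule is meant to resolve.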