Set up single sign-on (SSO) using SAML with Microsoft Entra ID

You can set up single sign-on (SSO) to MiiTel using Security Assertion Markup Language (SAML) with Microsoft Entra ID (previously Azure Active Directory). If you want to disable the password login, please see Disable password authentication.

  Permissions or subscriptions required

  • You must have administrative privileges for Microsoft Entra ID.
  • Each user's user name in Microsoft Entra ID must be the same as the MiiTel login ID.

  IMPORTANT

  •   Only SP initiated SSO is supported. IdP Initiated SSO is not supported.
  •   This setting is unavailable if multiple SSOs are configured in a single Microsoft Entra ID organization.

Set up a Microsoft Entra ID

  1. Go to https://portal.azure.com/#home and sign in to your account.
  2. Click bars-light.svg Show portal menu on the top left of the screen.
  3. Click Microsoft Entra ID.
  4. Click Manage > Enterprise applications.
  5. Click + New application.

eng_SAMLsso1_june2024.png

  1. Click + Create your own application.

eng_SMALsso2_june2024.png

  1. Set up the following.

eng_SAML3_june2024.png

1What's the name of your app?: Enter the name of the setting.

2What are you looking to do with your application?: Select Integrate any other application you don't find in the gallery (Non-gallery).

  1. Click Create.
  2. Click Manage > Single sign-on.
  3. Click SAML.

eng_SAMLsso_june2024.png

  1. Click Edit on Basic SAML Configuration.

eng_SAMLsso_basic SAML config_june2024.png

  1. Click Add identifier.
  2. Enter urn:amazon:cognito:sp:ap-northeast-1_0rvYrqp3y.

eng_SAMLsso_identifier_june2024.png

  1. Click Add reply URL.
  2. Enter https://auth.account.miitel.jp/saml2/idpresponse.

eng_SAMLsso_repley url_june2024.png

  1. Click Save.

Send a request to set SAML for MiiTel

After you set all the above, contact us with the following information.

  • Claim name with "user.mail" as value (Follow these steps to confirm)
  1. Click Edit in Attributes & Claims

eng_SAMLsso_attributes_june2024.png 

  1. Find the Claim name in the row with "user.mail" in the Value column.

eng_SAMLsso_Attributions sample_june2024.png

  • See App Federation Metadata Url in SAML Certificates
    (Please contact us if it is difficult to share this URL due to security requirements, etc.)

eng_SAMLsso_metadataURL_june2024.png

Was this article helpful?