How To Set Up Your Own Microsoft App (SAML) - Authentication API - A universal API for Single Sign On

Log in to the your Azure Portal:

Go to Azure Active Directory, and then go to Enterprise Applications.

Click New Application.

Alternately, you can choose an existing SAML app from Microsoft.

Go to the Single sign-on page, and select SAML.

On the Single sign-on page, click the edit button at the top right of the Basic SAML Configuration section

For Entity ID, enter anything you want. For example, you can enter your company name.
For Reply URL, enter:https://api.logonlabs.com/callback
If required, for the Sign on URL enter:https://api.logonlabs.com/callback
Click Save.

For the User Attributes & Claims section, ensure that at least the following are present:

Download the Federation Metadata XML for the LogonLabs configuration below. Specifically, take note of the Login URL, Identifier (Entity ID) and X.509 Certificate.
Set a reminder for yourself to generate a new Certificate before it expires. If the Certificate expires, your users will no longer be able to log in with the provider.

Go to logonlabs.com
Click Sign In and authenticate (or Sign Up make a new account and authenticate)
Navigate to Providers, then to Default Rules (or Domain Rules and open/create a domain module).
Click on the Microsoft button under Enterprise Identity Providers
Choose SAML for the protocol.
Enter a name.
Enter a description (optional).
Enter the Login URL from the setup page in Azure.
In the Client ID field, enter the Identifier (Entity ID) that you set above.
In the X.509 Certificate field, enter the X.509 certificate from the Federation Metadata XML document that you downloaded above. Do not include the BEGIN and END tags.
Click Save & close.
Enable Microsoft by clicking the new entry in the Microsoft Identity Providers list