How To Set Up Your Own Microsoft App (SAML)
Step 2
Go to Azure Active Directory, and then go to Enterprise Applications.

Step 3
Click New Application.

Step 4
- Add a Non-gallery application.
- Give it a name.
- Click Add.
Alternatively, you can choose an existing SAML app from Microsoft.

Step 5
Go to the Single sign-on page, and select SAML.

Step 6
On the Single sign-on page, click the edit button at the top right of the Basic SAML Configuration section.

Step 7
- For Entity ID, enter anything you want. For example, you can enter your company name.
- For Reply URL, enter:
https://api.logonlabs.com/callback
- If required, for the Sign on URL enter:
https://api.logonlabs.com/callback
- Click Save.

Step 8
For the User Attributes & Claims section, ensure that at least the following are present:
- emailaddress
- givenname
- surname

Step 9
- Download the Federation Metadata XML for the LogonLabs configuration below. Specifically, take note of the Login URL, Identifier (Entity ID) and X.509 Certificate.
- Set a reminder for yourself to generate a new Certificate before it expires. If the Certificate expires, your users will no longer be able to log in with the provider.

Step 10
LogonLabs Setup:
- Go to logonlabs.com
- Click Sign In and authenticate (or click Sign Up to make a new account, then authenticate).
- Navigate to Providers, then to Default Rules (or Domain Rules and open/create a domain module).
- Click on the Microsoft button under Enterprise Identity Providers.
- Choose SAML for the protocol.
- Enter a name.
- Enter a description (optional).
- Enter the Login URL from the setup page in Azure.
- In the Client ID field, enter the Identifier (Entity ID) that you set above.
- In the X.509 Certificate field, enter the X.509 certificate from the Federation Metadata XML document that you downloaded above. Do not include the BEGIN and END tags.
- Click Save & close.
- Enable Microsoft by clicking the new entry in the Microsoft Identity Providers list.
