Skip to main content

Setup SSO with Entra ID (Azure AD)

This article guides users on enabling Single Sign-On (SSO) for SqlDBM, steps for Entra ID (formerly Azure AD).

James Boncek avatar
Written by James Boncek
Updated over 3 weeks ago

Service Provider (SP) Initiated SAML Authentication Flow

SqlDBM offers Service Provider (SP) Initiated SAML Authentication for a variety of Identity Providers (IdPs). The diagram below illustrates the request workflow.

SSO Setup Steps

For those who wish to download our Metadata to pre-populate the basic SAML configurations into Azure, please download the SP Metadata. Otherwise, follow the steps below to setup your SSO Application:

  1. Create Application in Azure Active Directory

    1. Navigate to the Azure Active Directory portal

    2. Go to ‘Enterprise applications’ → ‘New application’ → ‘Create your own application’

    3. Name the application “SqlDBM”

    4. Select “Integrate any other application you don’t find in the gallery”

  2. Assign Application to Users

    1. Assign the app to Azure AD users, ensuring the admin account for your subscription is included

  3. Set up SAML

    1. In the app settings, go to "Set up single sign-on" and choose "SAML".

    2. Configure the following

      1. Basic SAML Configuration

        1. Identifier (Entity ID): https://sqldbm.com/Saml2

        2. Reply URL: https://sqldbm.com/AzureActiveDirectory/Saml2/Acs

        3. Sign on URL: leave blank

        4. Relay state: leave blank

        5. Logout Url: https://sqldbm.com/AzureActiveDirectory/Saml2/Logout

  4. Setup Claims:

    1. Email

      1. This should correspond to the user’s email address

      2. Claim type should match either of the following (case sensitive)

        1. Email

        2. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

    2. Name

      1. This will populate the users display name in SqlDBM

      2. Claim type should match (case sensitive)

        1. Name

Submit a Request to Enable SSO

Once your team has completed the setup steps mentioned above, please visit the support portal at support.sqldbm.com and open a support ticket with the following information

  • App Federation Metadata Url

What to expect once you have submitted a ticket:

  • The support team will review the information shared

  • Once the information is verified, your SSO will be enabled on the following Tuesday or Thursday

After Enabling SSO

For new users

  1. Sign up with a username and password

  2. Log in using your username and password

  3. Accept the invitation to join your organization by clicking the link in your invitation email.

    1. Visit your subscription page to confirm that you accepted the invitation

  4. Your account will now be linked to the subscription

  5. Log out and continue to the next section

For existing subscription users

  1. Log in using SSO by selecting the appropriate IdP from the options provided

To access SSO, use the icons on the Sign-In page. If your provider isn’t listed, click the three dots to find the correct IdP.

Did this answer your question?