Epiphan Cloud - How to Configure SSO for Azure AD (Entra)
Configuring Single Sign-On for Epiphan Cloud using Azure AD Entra
This is the step-by-step guide for setting up SSO in Epiphan Cloud.
Azure AD (Entra)
-
Log in to Azure Portal → Azure Active Directory → Enterprise Applications.
https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/Overview
-
Click Add → Enterprise application, there Create your own application
-
Name it (e.g.,
EpiphanCloud SSO) and select Integrate any other application you don't find in the gallery (Non-gallery).
-
In the Single sign-on section, choose SAML.

-
Fill in:
-
US Epiphan Cloud Server (go.epiphan.cloud)
- Identifier (Entity ID):
urn:amazon:cognito:sp:us-east-1_PkzSxf9ng - Reply URL (ACS URL):
https://auth.epiphan.cloud/saml2/idpresponse - Sign on URI:
https://go.epiphan.cloud
- Identifier (Entity ID):
-
EU Epiphan Cloud Server (eu.epiphan.cloud)
- Identifier (Entity ID):
urn:amazon:cognito:sp:eu-central-1_2noEzyvlA - Reply URL (ACS URL):
https://auth-eu.epiphan.cloud/saml2/idpresponse - Sign-on URL:
https://eu.epiphan.cloud
- Identifier (Entity ID):
-
Australia Epiphan Cloud Server (au.epiphan.cloud)
- Identifier (Entity ID):
urn:amazon:cognito:sp:ap-southeast-2_r9fpwEGEO - Reply URL (ACS URL):
https://auth-au.epiphan.cloud/saml2/idpresponse - Sign-on URL:
https://au.epiphan.cloud
- Identifier (Entity ID):
-
-
Attributes & Claims → Edit → Add/modify:
-
email→(user.userprincipalname) user.mail(or other field with user’s email) -
given_name→user.givenname(or other field with user’s first name) -
family_name→user.surname((or other field with user’s surname email)
-
When setting the "Claims" you may not need to include your namespace URL in their settings. The Attributes and Claims might look something like this:

-
Download Federation Metadata XML and send it to us, at sso@epiphan.com.
- Alternatively, Copy the Metadata URL and send it to us, at sso@epiphan.com.

-
Test using the SSO login URL we provide.