Skip to content
English
  • There are no suggestions because the search field is empty.

Epiphan Cloud - How to Configure SSO for Azure AD (Entra)

Configuring Single Sign-On for Epiphan Cloud using Azure AD Entra

This is the step-by-step guide for setting up SSO in Epiphan Cloud.

Azure AD (Entra)

  • Log in to Azure Portal → Azure Active Directory → Enterprise Applications.
    https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/Overview

    SSO_Azure-AD-Entra_01-2
  • Click AddEnterprise application, there Create your own application

  • Name it (e.g., EpiphanCloud SSO) and select Integrate any other application you don't find in the gallery (Non-gallery).

    SSO_Azure-AD-Entra_02
  • In the Single sign-on section, choose SAML.

    SSO_Azure-AD-Entra_03
  • Fill in:

    • US Epiphan Cloud Server (go.epiphan.cloud)

      • Identifier (Entity ID): urn:amazon:cognito:sp:us-east-1_PkzSxf9ng
      • Reply URL (ACS URL): https://auth.epiphan.cloud/saml2/idpresponse
      • Sign on URI: https://go.epiphan.cloud
    • EU Epiphan Cloud Server (eu.epiphan.cloud)

      • Identifier (Entity ID): urn:amazon:cognito:sp:eu-central-1_2noEzyvlA
      • Reply URL (ACS URL): https://auth-eu.epiphan.cloud/saml2/idpresponse
      • Sign-on URL: https://eu.epiphan.cloud
    • Australia Epiphan Cloud Server (au.epiphan.cloud)

      • Identifier (Entity ID): urn:amazon:cognito:sp:ap-southeast-2_r9fpwEGEO
      • Reply URL (ACS URL): https://auth-au.epiphan.cloud/saml2/idpresponse
      • Sign-on URL: https://au.epiphan.cloud
  • Attributes & Claims → Edit → Add/modify:

    • email(user.userprincipalname) user.mail(or other field with user’s email)

    • given_nameuser.givenname(or other field with user’s first name)

    • family_nameuser.surname((or other field with user’s surname email)

When setting the "Claims" you may not need to include your namespace URL in their settings. The Attributes and Claims might look something like this:

  • Download Federation Metadata XML and send it to us, at sso@epiphan.com.

  • Alternatively, Copy the Metadata URL and send it to us, at sso@epiphan.com.SSO-config_copy-the-metadata
  • Test using the SSO login URL we provide.