Open the application's admin console and follow the directions for adding users, if you haven't done so already."
Any help on how to configure would be greatly appreciated.
Thanks
Chris
Aug 13 2019
05:19 PM
- last edited on
Jan 14 2022
04:45 PM
by
TechCommunityAP
Aug 13 2019
05:19 PM
- last edited on
Jan 14 2022
04:45 PM
by
TechCommunityAP
Hello,
I'm trying to setup a demo of B2B direct federation(SAML) with Salesforce as a Non-AAD IdP.
I followed the doc and did setup on Salesforce side as well as AAD side.
https://docs.microsoft.com/ja-jp/azure/active-directory/b2b/direct-federation
I registered enterprise application to AAD and tried to access
https://myapps.microsoft.com/?tenantid=id
with a guest user account.
When I entered user account name, redirect to the Salesforce IdP did not occur.
What I see is a usual login.live.com page which requires me to enter password.
Did I miss something to configure or have misunderstanding?
Please Advise.
Aug 13 2019 08:14 PM
@meatloaf1 I'm a program manager who works on our apps experiences and can help you out here. Did you try out the built-in testing experience when you were configuring your enterprise application described in the "Debug SAML SSO issues" article?
If you did, could you send a screenshot of the full error message, and the resulting SAML request from the link boxed in red in the screenshot below to asteen@microsoft.com? I'll get you connected with folks who can help to debug further.
Thanks!
Adam.
Oct 18 2019 05:17 PM
Hello @Adam Steenwyk
I am running into a similar issue. I am trying to utilize our internal IdP in order to access "Microsoft Cloud App Security." We are a re-seller of the service. I have configured my IdP and invited external users and am not able to trigger the external login flow.
I also took a look at the article you mentioned. When I select Cloud App Security, I do not see the single sign on option in the left pane.
The app does have this message:
Oct 21 2019 04:58 PM
Hi @chris760,
The single-sign on tab is not enabled because Microsoft Cloud App Security is an Open ID Connection Application. It is natively integrated into Azure Active Directory for single-sign on. In order to configure it with your 3rd party you could create a custom non-gallery application.
Aside from configuring SSO, I would love to further understand if you are trying to enforce restrictions or RBAC for Microsoft Cloud App Security. Many of these settings can be configured in the application itself. Let me know if you have any follow-up questions.