Forum Discussion
Is Entra ID P1 required for SAML SSO?
I'm getting conflicting info about SAML SSO. We have a mixture of Microsoft 365 Business Standard and Business Basic users. No one has Azure AD/Entra ID P1 licenses. Is P1 required for SAML SSO? ...
Anybody? Where are the SSO paywalls, where are the 'gotchas'? Thanks!
Hello Bfoster360
When I look at Microsoft Entra Plans and Pricing | Microsoft Security under Authentication, single sign-on and application access I can see that bothSingle sign-on (SSO) unlimited and Software as a service (SaaS) apps with modern authentication (Microsoft Entra ID application gallery apps, SAML, and OAUTH 2.0) are included in Entra ID Free.
So from my understanding it should be included from the Entra ID side.
Best regards
Dennis
- I have gotten some things to work without Entra premium like Entra ID -> Fax Plus and LogMeIn Central. One thing that doesn't work is using Entra ID as the SAML Identity Provider to log in to AWS IAM. It's something about the user provisioning process on the Entra side that needs premium.
- From this article: https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/assign-user-or-group-access-portal?pivots=portal it says that "Group-based assignment requires Microsoft Entra ID P1 or P2 edition."
So you should be able to assign the application to the user directly if you have been trying with a group.
With that said I would recommend reading the above link and also reading this on how to implement AWS IAM to Entra ID.
https://learn.microsoft.com/en-us/entra/identity/saas-apps/aws-single-sign-on-tutorial
Best regards,
Dennis
