documentation/guides/sso/providers/microsoft-entra-id.md
Configure SAML-based SSO between Microsoft Entra ID and Scalar.
Navigate to Enterprise applications in the Microsoft Entra ID sidebar and select New application. Choose Create your own application and enter a name (e.g., "Scalar"):
After creating the application, assign the users and groups that should have access to Scalar:
Go to Single sign-on and select SAML as the authentication method:
Before configuring SAML settings, create a new SSO connection in Scalar:
This will provide you with the values needed for the next step.
Configure the Basic SAML Configuration with the following service provider details:
| Field | Value |
|---|---|
| Identifier (Entity ID) | https://identity.scalar.com |
| Reply URL (Assertion Consumer Service URL) | https://identity.scalar.com/acs |
| Sign on URL (Optional) | "Login URL" from Scalar |
| Relay State (Optional) | "Generate Relay State" in Scalar |
Copy the IdP details from Microsoft Entra ID into Scalar:
| Scalar | Microsoft Entra ID |
|---|---|
| Login URL | SSO URL |
| Microsoft Entra Identifier | Identity Provider Issuer |
| Certificate (Base64) | X.509 Certificate |
Scalar requires token encryption for SAML assertions. Download the encryption certificate from the Scalar and import it into Microsoft Entra ID under Token encryption:
Your organization is now ready to use Scalar SSO with Microsoft Entra ID! If you run into any issues, double-check your settings - or just reach out to our support team, we're here to help!