Skip to main content

Configuring SAML SSO with Microsoft Entra ID for BEAMON AI

  • Updated

This guide explains how to configure SAML Single Sign-On (SSO) for BEAMON AI using Microsoft Entra ID as the identity provider.

 

Overview

When configuring SAML SSO, an application is created in Microsoft Entra ID and configured with the SAML settings provided by BEAMON AI. After configuration, Entra ID will act as the identity provider and authenticate users attempting to access BEAMON AI.

Once the configuration is complete, users assigned to the application in Entra ID will be able to sign in using their organization’s identity provider.

 

Prerequisites

Before starting the configuration, ensure that you have:

  • Administrative access to Microsoft Entra ID
  • The following SAML configuration values from the BEAMON AI team:
    • Reply URL (Assertion Consumer Service URL)
    • Identifier (Entity ID)

You will also need to provide the App Federation Metadata URL to the BEAMON AI team after completing the configuration.

 

Step 1: Obtain SAML configuration details

Request the following information from the BEAMON AI team:

  • Reply URL (Assertion Consumer Service URL)
  • Identifier (Entity ID)

These values will be entered when configuring the application in Entra ID.

 

Step 2: Create an enterprise application in Entra ID

  1. Sign in to the Microsoft Entra Admin Center.
  2. Navigate to Enterprise Applications.
  3. Click New application.
  4. Select Create your own application.
  5. Enter a name for the application.
  6. Select Integrate any other application you don't find in the gallery (Non-gallery).
  7. Click Create.

 

Step 3: Configure SAML single sign-on

  1. Open the application you just created.
  2. Navigate to Single sign-on.
  3. Select SAML as the sign-on method.

 

Step 4: Configure Basic SAML settings

Under Basic SAML Configuration, click Edit and enter the following values:

  • Identifier (Entity ID)
    Enter the value provided by the BEAMON AI team.
  • Reply URL (Assertion Consumer Service URL)
    Enter the value provided by the BEAMON AI team.

Click Save once both fields are configured.

 

Step 5: Retrieve the federation metadata

  1. In the SAML Certificates section, locate App Federation Metadata URL.
  2. Copy this URL.

Provide the App Federation Metadata URL to the BEAMON AI team so the identity provider configuration can be completed.

 

Step 6: Assign users or groups

  1. In the application menu, go to Users and groups.
  2. Click Add user/group.
  3. Select the users or groups who should have access.
  4. Click Assign.

Only assigned users will be able to sign in using SSO.

 

Testing the SSO configuration

  1. Ensure the test user is assigned to the application in Entra ID.
  2. Open the BEAMON AI login page.
  3. Select Single Sign-On.
  4. Sign in using your organizational credentials.

If the configuration is correct, you will be authenticated through Entra ID and redirected to BEAMON AI.

 

Troubleshooting

If users cannot sign in using SSO, check the following:

Users are assigned to the application

Only users or groups assigned under Users and groups in Entra ID can access the application.

SAML configuration values are correct

Verify that the following values match the ones provided by BEAMON AI:

  • Identifier (Entity ID)
  • Reply URL (Assertion Consumer Service URL)

Correct metadata URL shared

Ensure the App Federation Metadata URL was provided to the BEAMON AI team so they can complete the identity provider configuration.

If the issue persists, contact the BEAMON AI support team and include:

  • The App Federation Metadata URL
  • The tenant name
  • The user email used for testing
Was this article helpful?
0 out of 0 found this helpful
Return to top

Related articles