Configuring SAML SSO with Azure Identity provider to XOA service provider.
-
Azure Configuration
--- - Create a new application:
- Navigate to:
Azure Entra ID > Enterprise applications > New application > Create your own application - Set the following:
- Name: Xen Orchestra
- Type: Non-gallery
- Click Create.
- Add yourself as a user:
- Go to:
Azure Entra ID > Enterprise applications > Xen Orchestra > Users and groups - Add your user account.
- Configure SAML:
-
Xen-Orchestra Configuration
--- - Enable SAML Plugin:
- Navigate to:
XO > Settings > Plugins - Enable auth-saml.
- Set up SAML Authentication:
- Callback URL (callbackUrl):
- Set to:
https://<XOA URL>/signin/saml/callback - Certificate:
- Copy the contents of the Certificate (Base64) from:
Azure Entra ID > Enterprise applications > Xen Orchestra > Single sign-on > SAML > SAML Signing Certificate - Entry Point:
- Copy the Login URL from:
Azure Entra ID > Enterprise applications > Xen Orchestra > Single sign-on > SAML > Set up Xen Orchestra - Issuer:
- Copy the Application ID from:
Azure Entra ID > Enterprise applications > Xen Orchestra > Properties - Username field: