SAML Configuration for Microsoft Entra ID

LAST UPDATED: 06/15/2024

Overview

This guide walks you through configuring a custom SAML application within Microsoft Entra ID (formerly Azure Active Directory) and integrating it with the D3 SOAR server. It covers creating and setting up an enterprise application in the Azure portal, configuring SAML for SSO, managing SAML signing certificates, and ensuring proper setup of configuration files.

Procedure

Create Your Own Enterprise Application

  1. Navigate to the Azure portal login page at https://portal.azure.com/#home and log in to proceed.

  2. Search for and select Azure Active Directory using the search bar.

  3. Click on Enterprise applications within the left sidebar.

  4. Click on the + New Application button.

  5. Click on the + Create your own application button.

  6. Enter a name for your D3 enterprise application.

  7. Select the Integrate any other application you don’t find in the gallery (Non-gallery) radio option.

  8. Click on the Create button.

  9. Click on the app you created, then navigate to Single sign-on in the menu.

  10. Select the SAML option.

You will now see the SAML configuration screen for the application.

Configure SAML in the Application

  1. Click on the Edit button within the Basic SAML Configuration section.

  2. Click on the Add identifier and Add reply URL hyperlinks.

  3. Enter your D3 SOAR URL into the Identifier (Entity ID) input field.

  4. Enter your D3 SOAR URL with /login.aspx appended into the Reply URL (Assertion Consumer Service URL) input field.

READER NOTE

  • Your D3 SOAR URL conforms to the format https://<YourD3Domain>/<path>/VSOC.

  • Ensure that the Default checkbox is ticked for both the identifier and reply URL. They will be automatically ticked if you have only one entry of identifier or reply URL.

  • The inclusion of /login.aspx is mandatory. Failure to include it will result in an error message and associated troubleshooting details during Login to D3 vSOC via Entra ID.

  5. Click on the [image: Frame 15-20240615-191552.png] button.

  6. Click on the [image: Frame 16-20240615-194206.png] button under the SAML Certificates section.

  7. Select the Sign SAML response signing option.

  8. Click on the [image: Frame 15-20240615-191552.png] button.

  9. Click on the Download hyperlink for Certificate (Base64).
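
The Identifier and Reply URL rules from steps 3 and 4 and the Reader Note can be checked before the values are saved. The following Python check is an added example, not part of D3's or Microsoft's tooling; the function name check_saml_urls and the host soar.example.test are assumptions made for illustration.

```python
from urllib.parse import urlsplit

ACS_SUFFIX = "/login.aspx"  # from the guide: mandatory on the Reply URL
BASE_SUFFIX = "/VSOC"       # from the guide: https://<YourD3Domain>/<path>/VSOC


def check_saml_urls(identifier: str, reply_url: str) -> list[str]:
    """Return a list of problems; an empty list means both values pass."""
    problems = []
    ident = urlsplit(identifier)
    reply = urlsplit(reply_url)

    for label, raw, parts in (("Identifier", identifier, ident),
                              ("Reply URL", reply_url, reply)):
        if raw != raw.strip():
            problems.append(f"{label}: leading or trailing whitespace")
        if parts.scheme != "https":
            problems.append(f"{label}: scheme must be https")
        if not parts.hostname:
            problems.append(f"{label}: missing host")
        if parts.query or parts.fragment:
            problems.append(f"{label}: query string or fragment present")

    # The D3 SOAR URL ends in /VSOC with no trailing slash.
    if not ident.path.upper().endswith(BASE_SUFFIX):
        problems.append("Identifier: path does not end in /VSOC")
    # The Reply URL is the D3 SOAR URL with /login.aspx appended, nothing else.
    if not reply.path.endswith(ACS_SUFFIX):
        problems.append("Reply URL: /login.aspx is missing")
    elif reply_url != identifier + ACS_SUFFIX:
        problems.append("Reply URL: not the Identifier with /login.aspx appended")
    return problems


if __name__ == "__main__":
    # Constructed sample values; replace with your own D3 SOAR URL.
    base = "https://soar.example.test/d3/VSOC"
    for ident, reply in ((base, base + ACS_SUFFIX), (base, base), (base + "/", base + ACS_SUFFIX)):
        print(ident, reply, check_saml_urls(ident, reply) or "OK")
```
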

Create Users in Entra ID

  1. Click on Users and groups within the left sidebar.

  2. Click on the + Add user/group button.

  3. Click on the + New user dropdown menu, then click on the Create new user menu option.

  4. Complete all the input fields within the Identity form, then click on the Review + create button.

  5. Review your information, then click on the Create button.

Assign Entra ID User the SAML Integration

  1. Click on Users and groups on the left hand side.

  2. Check the checkbox(es) next to the user(s) to whom you wish to assign the SAML Integration.

  3. Click on the Select button.

  4. Click on the [image: portal.azure.com_ (27) (1) 2-20240618-234313.png] button at the bottom left corner.

READER NOTE

Before proceeding to the next section, ensure that you have:

  • Created D3 user accounts (Organization Management > Users > + Add Users). The SAMLEmailIDType configuration key in vSOC’s Application Settings > Web Config determines what your D3 username must be. Depending on its setting, your username could be either your full email address or the local part of your email. Refer to the FAQ section in the Authentication Configuration Guide for more details.

  • Assigned login methods to those D3 user accounts (Application Settings > Login Authentication > Users).

READER NOTE

To enable multiple users within your organization to access D3 vSOC, create an Entra ID user for each individual, and assign them the SAML Integration.

Login to D3 vSOC via Entra ID

  1. Click on Properties within the left sidebar.

  2. Click on the [image: Frame 21-20240615-204056.png] icon for the User access URL.

READER NOTE

Ensure that you have set up your Login Authentication Certificate in vSOC before proceeding. The Target URL field of the Login Authentication Certificate is to be filled with the Entra ID User access URL. The content within the previously downloaded Certificate (Base64) goes into the Certificate field.

  3. Paste the User access URL into a new browser tab and press Enter.

  4. Enter your Entra ID username, then click on the Next button.

  5. Enter your Entra ID password, then click on the Sign in button.

    After logging in to Entra ID successfully, you will be redirected to D3 vSOC.

If you choose to have D3 assist with the setup process, you have the option to send your SAML User access URL and Certificate (Base64) to D3.
