Skip to main content

SSO Integration: Microsoft Entra ID (Azure AD) with Kendis using SAML

Step by step guide to integration Microsoft Entra ID (Azure AD) with SAML

Kendis Team avatar
Written by Kendis Team
Updated this week

This guide explains how to integrate Microsoft Entra ID (Azure AD) with Kendis using SAML-based Single Sign-On (SSO).

Kendis Application

The Kendis Integration app is available on the Azure Marketplace for Microsoft Entra ID (formerly Azure AD).


Step 1: Access Entra ID

Go to https://portal.azure.com/ and select "Entra ID" from Azure Services.

Step 2: Navigate to Enterprise Applications

From the left-hand menu, select "Enterprise applications."

Step 3: Add a New Application

Click on "New Application."

Step 4: Search for Kendis

Search for "Kendis" in the application gallery. Once it appears in the results, click "Create."

Step 5: Set Up Single Sign-On

After creating the app, click on "Set up single sign on."

Step 6: Get the Reply URL from Kendis

You must be a Super Admin in Kendis to access the SAML configuration.

  • Go to Admin Settings in your Kendis account.

  • Select "SAML Configuration."

  • Copy the "Reply URL (Assertion Consumer Service URL)."

Step 7: Configure Basic SAML Settings in Azure AD

Continue the setup process by editing "Basic SAML Configuration"

  • Entity ID: Can be any custom value (e.g., kendis-sso).

  • Reply URL: Use the URL copied from Kendis in Step 6.

  • Other fields can be left empty or as-is.

Step 8: Configure Attributes and Claims

Azure AD will populate required attributes and claims by default, but Group Claims must be added manually.

  • Add a Group Claim.

  • In "Groups Claim Selection," select "Groups assigned to the application."

  • This is recommended to avoid issues when there are more than 150 groups.

  • Ensure the appropriate groups are assigned to the Kendis application.

Add a Group Claim

Group Claims Selection

Groups Claim Added

Step 9: Add Login URL and Certificate to Kendis

  • Copy the Login URL from Azure AD and paste it into the "Login URL" field in Kendis.

  • Download the certificate in Base64 format.

  • Open the certificate in a text editor and copy only the text between BEGIN CERTIFICATE and END CERTIFICATE.

  • Copy the certificate

    • Only copy the text between BEGIN CERTIFICATE and END CERTIFICATE
      ​

Kendis Screen after copying details

Press "Save"

Step 10: Assign Users or Groups

Assign users or groups to the Kendis application in Azure AD. Users will not be able to log in unless they are assigned.

Step 11: Test the Single Sign-On

  • Go to your Kendis instance URL.

  • Click on "Login with Corporate Account."

  • Log in using your Azure AD credentials.

For assistance, contact our Live Chat Support or email us at support@kendis.io

Additional Guides

Did this answer your question?