End-of-Life (EoL)

Configure the SAML 2.0 Integration for Azure

Follow these instructions to configure an instance of the SAML 2.0 integration for Microsoft Azure on Cortex XSOAR servers.
First complete Configure Microsoft Azure to Authenticate Cortex XSOAR; you can then configure an integration instance for SAML 2.0 in Cortex XSOAR.
  1. Create a SAML 2.0 integration instance.
    1. Go to Servers & Services.
    2. Search for SAML 2.0 and click Add instance to configure a new integration.
    3. Add the metadata/URL parameters from Azure to Cortex XSOAR.

      | Cortex XSOAR field | Azure Portal field |
      | --- | --- |
      | Service Provider Entity ID | Identifier (Entity ID) (Basic SAML Configuration section) |
      | IdP metadata URL | App Federation Metadata URL (SAML Signing Certificate section) |
      | Idp SSO URL | Login URL (SAML Signing Certificate section) |

      The following Azure metadata/URL information has been added to the SAML 2.0 attributes in Cortex XSOAR:
    4. In the following fields, copy the Azure attributes exactly as they appear in Azure (in Azure, go to User Attributes & Claims). For example, in the Attribute to get email field, type
      In this example, we have the following Claim Names:

      | Cortex XSOAR SAML 2.0 field | Azure Portal Claim Name Examples |
      | --- | --- |
      | Attribute to get username | |
      | Attribute to get email | |
      | Attribute to get first name | |
      | Attribute to get last name | |
      | Attribute to get groups | |

      Add the phone attribute, if required.
    5. Select Verify the Idp response signature and add the Idp Public certificate, which you downloaded in step 5.5 in Configure Microsoft Azure to Authenticate Cortex XSOAR.
      If your Identity Provider requires signed authentication requests, select Sign request and enter the public/private certificate pair generated for Cortex XSOAR.
    6. Select the ADFS and Compress encode URL (ADFS) checkboxes.
    7. In the Service Identifier (ADFS) field, copy the characters after the value, which can be found at the end of the App Federation Metadata URL (section 3 in SAML Certificate).
    8. In the IdP Single Logout URL field, copy the Logout URL from Azure (section 4).
    9. In the Single Logout Service Endpoint field, add the details in the following format:
      https://<cortex xsoar-url>/saml-logout
    10. To verify that the settings are successful, in the instance settings, click Get service provider metadata.
      For a full list and descriptions of the fields, see SAML 2.0 Azure Parameters.
      If you Click a bug is issued similar to this:
      You need to log in with a user to test the instance. It is recommended to also test this on the Azure app, which provides detailed error reports and troubleshooting.
  2. Map the Azure groups to Cortex XSOAR roles.
    1. In Microsoft Azure, select Azure Active Directory > Enterprise applications > name of your application > Assign users and groups > Name of your group.
    2. Copy the Object ID.
      For example, we created a group called XSOAR Administrator.
    3. In Cortex XSOAR, go to Users and Roles.
    4. Create or edit an existing role, as described in Define a Role.
    5. In the SAML Roles Mapping field, type the Object ID that you copied in step 2.2.
  3. Click
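
An added example, not part of the original page: a Python check for steps 1.4 and 2.5 that compares the attribute names typed into the instance with the names in a decoded test-login assertion and lists group Object IDs that no role maps to. The claim names, the Object ID, the `CONFIGURED` settings and all function names are constructed for illustration; your tenant's User Attributes & Claims page is the authority.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
GROUPS = "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups"

# Constructed sample: attribute statement of a decoded test-login assertion.
SAMPLE_ASSERTION = f"""\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="{CLAIMS}emailaddress">
      <saml:AttributeValue>analyst@example.com</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="{GROUPS}">
      <saml:AttributeValue>00000000-0000-0000-0000-000000000001</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

# Hypothetical instance settings as typed into Cortex XSOAR (note the case slip).
CONFIGURED = {
    "Attribute to get email": CLAIMS + "EmailAddress",
    "Attribute to get groups": GROUPS,
    "Attribute to get username": CLAIMS + "name",
}

def assertion_attributes(xml_text):
    """Return {claim name: [values]} for every Attribute in the assertion."""
    root = ET.fromstring(xml_text)
    return {
        attr.get("Name"): [v.text or "" for v in attr.findall("saml:AttributeValue", NS)]
        for attr in root.iterfind(".//saml:Attribute", NS)
    }

def check_mapping(configured, attrs):
    """Classify each configured field as ok, near-miss or missing."""
    report = {}
    for field, name in configured.items():
        # Same name apart from case or stray whitespace: not an exact copy.
        close = [a for a in attrs if a.strip().lower() == name.strip().lower()]
        if name in attrs:
            report[field] = "ok"
        else:
            report[field] = f"near-miss: {close[0]}" if close else "missing"
    return report

def unmapped_groups(attrs, groups_attr, role_mapping):
    """Group Object IDs sent by Azure that no SAML Roles Mapping entry covers."""
    return [g for g in attrs.get(groups_attr, []) if g not in role_mapping]
```

The check reads attribute names and values only; it does not verify the response signature.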
