Configure the SAML 2.0 Integration for Azure

Configure an instance of SAML 2.0 integration for Microsoft Azure in Cortex XSOAR.
After you have configured Azure to authenticate on Cortex XSOAR, you can then configure an integration instance for SAML 2.0 in Cortex XSOAR.
  1. Create a SAML 2.0 integration instance.
    1. Go to Settings > Integrations > Servers & Services.
    2. Search for SAML 2.0 and click Add instance to configure a new integration.
    3. Add the metadata/URL parameters from Azure to Cortex XSOAR.
      Cortex XSOAR field | Azure Portal field
      Service Provider Entity ID | Identifier (Entity ID) (Basic SAML Configuration section)
      IdP metadata URL | App Federation Metadata URL (SAML Signing Certificate section)
      Idp SSO URL | Login URL (SAML Signing Certificate section)
      The following Azure metadata/URL information has been added to the SAML 2.0 attributes in Cortex XSOAR:
    4. In the following fields, copy the Azure attributes exactly as they appear in Azure (in Azure, go to User Attributes & Claims > Edit). For example, type http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress in the Attribute to get email field.
      In this example, we have the following Claim Names:
      Cortex XSOAR SAML 2.0 field | Azure Portal Claim Name Examples
      Attribute to get username | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
      Attribute to get email | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
      Attribute to get first name | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
      Attribute to get last name | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
      Attribute to get groups | http://schemas.microsoft.com/ws/2008/06/identity/claims/role
      Add the phone attribute, if required.
    5. Select Verify the Idp response signature and add the Idp Public certificate, which you downloaded in step 5.5 in Configure Microsoft Azure to Authenticate Cortex XSOAR.
      If your Identity Provider requires signed authentication requests, select Sign request and input the public/private certificate pair generated for Cortex XSOAR.
    6. Select the ADFS and Compress encode URL (ADFS) checkboxes.
    7. In the Service Identifier (ADFS) field, copy the characters after the appid value, which can be found at the end of the App Federation Metadata URL (section 3 in SAML Certificate).
    8. In the IdP Single Logout URL field, copy the Logout URL from Azure (section 4).
    9. In the Single Logout Service Endpoint field, add the details in the following format:
      https://<cortex xsoar-url>/saml-logout
    10. To verify that the settings are successful, in the instance settings, click Get service provider metadata.
      For a full list and descriptions of the fields, see SAML 2.0 Azure Parameters.
      If you click Test, an error similar to this is issued:
      You need to log in with a user to test the instance. It is recommended to test this on the Azure app as well, because it provides detailed error reports and troubleshooting.
  2. Map the Azure groups to Cortex XSOAR roles.
    1. In Microsoft Azure, select Azure Active Directory > Enterprise applications > name of your application > Assign users and groups > Name of your group.
    2. Copy the Object ID.
      For example, we created a group, called XSOAR Administrator.
    3. In Cortex XSOAR, go to Settings > Users and Roles > Roles.
    4. Create or edit an existing role, as described in Define a Role.
    5. In the SAML Roles Mapping field, type the Object ID that you copied in step 2.2.
  3. Click Save.
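
One way to check the claim names from step 1.4 and the role mapping from step 2 against the attribute statement of a login captured from your own tenant. This is an added example, not code from Cortex XSOAR or Azure; the role name, the Object IDs and the sample XML are constructed placeholders.

```python
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
GROUPS_CLAIM = "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"
# Cortex XSOAR field -> claim name entered in the instance (step 1.4 of this page).
CONFIGURED = {
    "Attribute to get username": CLAIMS + "givenname",
    "Attribute to get email": CLAIMS + "emailaddress",
    "Attribute to get first name": CLAIMS + "name",
    "Attribute to get last name": CLAIMS + "surname",
    "Attribute to get groups": GROUPS_CLAIM,
}
# Hypothetical SAML Roles Mapping: group Object ID (placeholder GUID) -> role name.
ROLE_MAPPING = {"00000000-0000-0000-0000-000000000001": "Administrator"}

# Constructed sample, not a real response: no surname claim, one unmapped group.
SAMPLE = f"""<saml:AttributeStatement xmlns:saml="{SAML_NS}">
 <saml:Attribute Name="{CLAIMS}givenname"><saml:AttributeValue>dana</saml:AttributeValue></saml:Attribute>
 <saml:Attribute Name="{CLAIMS}emailaddress"><saml:AttributeValue>dana@example.com</saml:AttributeValue></saml:Attribute>
 <saml:Attribute Name="{CLAIMS}name"><saml:AttributeValue>Dana</saml:AttributeValue></saml:Attribute>
 <saml:Attribute Name="{GROUPS_CLAIM}">
  <saml:AttributeValue>00000000-0000-0000-0000-000000000001</saml:AttributeValue>
  <saml:AttributeValue>00000000-0000-0000-0000-000000000002</saml:AttributeValue>
 </saml:Attribute>
</saml:AttributeStatement>"""

def read_attributes(xml_text):
    """Return {claim name: [values]} for every Attribute in the statement."""
    attrs = {}
    for attr in ET.fromstring(xml_text).iter(f"{{{SAML_NS}}}Attribute"):
        values = [v.text or "" for v in attr.findall(f"{{{SAML_NS}}}AttributeValue")]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs

def check_instance(xml_text, configured, role_mapping):
    """Diagnostic only: this does not validate the response signature."""
    attrs = read_attributes(xml_text)
    # Exact string match, so a configured name that differs in case counts as missing.
    missing = [field for field, claim in configured.items() if claim not in attrs]
    groups = attrs.get(configured["Attribute to get groups"], [])
    return {
        "missing": missing,
        "roles": sorted({role_mapping[g] for g in groups if g in role_mapping}),
        "unmapped_groups": [g for g in groups if g not in role_mapping],
    }

if __name__ == "__main__":
    print(check_instance(SAMPLE, CONFIGURED, ROLE_MAPPING))
```

A field listed under missing means the claim name typed into the instance does not appear in the response; an entry under unmapped_groups is an Object ID with no role in SAML Roles Mapping.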
