This task shows you how to configure your identity provider using Microsoft Entra ID
- SAML.
Note
Secure Network Access is not supported with SAML.
- Select Onboarding.
The
Welcome window displays.
- Select Secure Hybrid
Access [Secure Application
Access or Secure Network
Access].
The Identity Provider
window displays Google Workspace and Microsoft Entra ID options.
- Select Continue.
The IDP Configuration window displays.
- Select the link to review the comprehensive tutorial on
creating a SAML-based SSO in Microsoft Entra ID.
- Copy and paste the Identifier link
and Reply
URL link in Entra ID per the instructions in the tutorial.
Entra ID creates a Login URL and
Microsoft Entra ID Identifier.
- Paste the Login URL and Microsoft Entra ID
Identifier into their Universal ZTNA fields.
- Upload the SAML Signing
Certificate you downloaded from Entra ID
The UI instructions explain how to upload the certificate.
- Optional: Select All Domains or Custom and enter the
domain.
If you select Custom, fill in the
approved domains. Applicable for network and application access.
- Select Save.
- Select Update.
Update Identity
Provider
pop-up window displays. This message cautions you that the
Identity Provider change logs out current users.
- If you decide to continue,
select Confirm.
- Select Next.
The Onboarding - Access
Groups window displays.
- Configure Users and Devices.
- Configure Resources.
- Configure Applications and Application Groups.
You can skip this step if you
are using Secure Network Access.
- Configure Policies.
