SAML2 and Azure AD

Afternoon

I’m looking to get PSU 3.6.4 working with our Azure SAML/MFA - I’ve tried adding SAML2 auth though the only documentation is for Okta…any help with getting Azure SAML working?

Thanks.

Any reason you can’t use OpenID?

We use SAML as our auth method of choice. A business decision.

I do believe I had this working in my environment at one point. Can you let me know what issues you are having or errors you are seeing?

I’ll open an issue in our tracker to get this documented.

Hi Adam,

Thanks - ATM I’ve not been able to get anything working. It would be good to have some specific documentation on how to get Azure SAML working.

What are the URLs I should be using for EntityID/callbacks etc…I used the Okta example to “guess” /Saml/Acs - I seem to remember that these are arbitrary URLs they just need to match?

Here’s a scrape…any guidance, gratefully received.


Set-PSUAuthenticationMethod -Type "Saml2" `
    -EntityId "https://psu.localdomain.com/Saml/Acs" `
    -IdentityProviderEntityId 'https://login.microsoftonline.com/<GUID>/saml2' `
    -MetadataAddress 'https://login.microsoftonline.com//federationmetadata/2007-06/federationmetadata.xml?appid=' `
    -SingleSignOnServiceUrl 'https://login.microsoftonline.com/<GUID>/saml2' `
    -CallbackPath "https://psu.localdomain.com/"
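The post above asks which URLs belong in the SAML2 parameters. The values an IdP expects are published in its federation metadata document, so a quick way to stop guessing is to read that document and see what the tenant actually advertises: its entityID (the value the PSU side has to match as the identity provider's entity ID), the SingleSignOnService locations per binding, and the signing certificate thumbprints you can compare against the certificate Azure AD shows in the portal. The script below is an added example, not code from the thread or from the PowerShell Universal project; the metadata sample inside it is constructed (placeholder tenant GUID, a placeholder certificate blob) so the function runs offline, and the live-fetch line at the end assumes the metadata URL shape quoted in the thread.

```powershell
# Added example: summarise a SAML IdP federation metadata document so the
# entityID, SSO endpoints and signing cert thumbprints can be checked against
# what is configured with Set-PSUAuthenticationMethod.
function Get-SamlIdpMetadataSummary {
    param(
        [Parameter(Mandatory)]
        [string]$MetadataXml   # the raw federationmetadata.xml content
    )

    [xml]$md = $MetadataXml
    $ns = New-Object System.Xml.XmlNamespaceManager($md.NameTable)
    $ns.AddNamespace('md', 'urn:oasis:names:tc:SAML:2.0:metadata')
    $ns.AddNamespace('ds', 'http://www.w3.org/2000/09/xmldsig#')

    $entity = $md.SelectSingleNode('/md:EntityDescriptor', $ns)
    if (-not $entity) { throw 'Document is not a SAML 2.0 EntityDescriptor.' }

    # Every SSO endpoint the IdP offers, keyed by binding (HTTP-Redirect / HTTP-POST).
    $ssoNodes = $md.SelectNodes('/md:EntityDescriptor/md:IDPSSODescriptor/md:SingleSignOnService', $ns)
    $sso = foreach ($n in $ssoNodes) {
        [pscustomobject]@{
            Binding  = $n.GetAttribute('Binding')
            Location = $n.GetAttribute('Location')
        }
    }

    # Signing certificates: SHA-1 over the DER bytes is the "thumbprint" shown in the
    # Azure portal, so this is the value to compare when validating the IdP.
    $certXPath = "/md:EntityDescriptor/md:IDPSSODescriptor/md:KeyDescriptor[@use='signing']/ds:KeyInfo/ds:X509Data/ds:X509Certificate"
    $certNodes = $md.SelectNodes($certXPath, $ns)
    $sha1 = [System.Security.Cryptography.SHA1]::Create()
    $certs = foreach ($c in $certNodes) {
        $der = [Convert]::FromBase64String(($c.InnerText -replace '\s', ''))
        [pscustomobject]@{
            Thumbprint = ($sha1.ComputeHash($der) | ForEach-Object { $_.ToString('X2') }) -join ''
            DerBytes   = $der.Length
        }
    }

    [pscustomobject]@{
        IdentityProviderEntityId = $entity.GetAttribute('entityID')
        SingleSignOnService      = $sso
        SigningCertificates      = $certs
    }
}

# Constructed sample resembling the shape of an Azure AD federation metadata
# document. The GUID is a placeholder and the certificate blob is NOT a real
# certificate, just enough base64 to exercise the thumbprint code path.
$sampleMetadata = @'
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
                  entityID="https://sts.windows.net/00000000-0000-0000-0000-000000000000/">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <X509Data><X509Certificate>AAECAwQFBgcICQ==</X509Certificate></X509Data>
      </KeyInfo>
    </KeyDescriptor>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
                         Location="https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/saml2"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
                         Location="https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/saml2"/>
  </IDPSSODescriptor>
</EntityDescriptor>
'@

$summary = Get-SamlIdpMetadataSummary -MetadataXml $sampleMetadata
$summary | Format-List
$summary.SingleSignOnService | Format-Table -AutoSize
$summary.SigningCertificates | Format-Table -AutoSize

# Against a live tenant (assumed URL shape, taken from the thread; replace the placeholders):
#   $live = (Invoke-WebRequest -UseBasicParsing -Uri 'https://login.microsoftonline.com/<tenant-guid>/federationmetadata/2007-06/federationmetadata.xml?appid=<app-guid>').Content
#   Get-SamlIdpMetadataSummary -MetadataXml $live
```

Two things worth checking in the output: whether the entityID the metadata advertises is the same string configured as the identity provider's entity ID on the PSU side (a mismatch there is a common cause of rejected assertions), and whether the signing thumbprint matches the certificate you expect, since a SAML SP that trusts whatever certificate arrives in the metadata is only as safe as the channel it fetched the metadata over.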

Sounds good. I’ll see if we can get something put together this week. I’ll update this post once it’s completed.

I’ve updated the docs here: https://docs.powershelluniversal.com/config/security/saml2#example-azure-ad
