# Microsoft Azure

## Overview

Applications created with Microsoft Azure support single sign-on and can be used to sign in to Labii.

{% embed url="<https://youtu.be/FIdbUbepuwE>" %}

## Setup Labii SSO with OneLogin

#### To use Microsoft Azure as your IdP to connect with Labii:

1. Create an application. Please make sure to select **Non-gallery**.

   ![](https://github.com/Labii/labii-gitbook-docs/blob/gitbook/admin-guide/single-sign-on/broken-reference)
2. Once created, go to the application and select **Single sign-on** on the left panel. Click **SAML** as the SSO method.

   ![](https://github.com/Labii/labii-gitbook-docs/blob/gitbook/admin-guide/single-sign-on/broken-reference)
3. Basic SAML Configuration:
   1. Identifier (Entity ID) -> Copy and paste **Entity Id** from Labii
   2. Reply URL (Assertion Consumer Service URL) -> Copy and paste **Acs Url** from Labii
4. Update the **Attribution Map** in Labii:\
   `{`

   `"email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",`

   `"username": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",`

   `"last_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname",`

   `"first_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"`

   `}`
5. Update **Metadata Auto Conf Url** in Labii with **App Federation Metadata Url** from Azure\
   or, update the **Metadata Xml** in Labii with the content from **Federation Metadata XML** downloaded at Azure
6. Update **Idp Logout Url** in Labii with **Logout URL** from Azure
7. For the **Idp Login Url** in Labii, the **Login URL** from Azure DOES NOT work. Please goes to Properties -> Copy the User access URL and update the **Idp Login Url** in Labii with the **User access URL.**