Setting up a SAML2 SSO requires configuration in both the TinQwise platform and an "identity provider". Microsoft Azure is a common identity provider, and this article will show how to set it up.

In Azure we will be creating an "enterprise application" within "Microsoft Entra", which in the past was called "Azure AD" or "Azure Active Directory".

Log in to the Azure portal and go to Microsoft Entra.

Select "Enterprise Applications".

Select "New Application"

Select "Create your own application"

Fill in a name for the application such as "TinQwise" and select the "Non-gallery" option.

Now the application you just created is shown. Click "Set up single sign on":

Select "SAML" for single-sign-on method

Download your metadata file from

https://[your platform name].platform.co.nl/saml2/metadata/

Save this file to your computer.
​

In Azure, now select "Upload metadata file" and upload the file.

Now all settings are filled in automatically.

Copy the "App Federation Metadata Url", as we'll need this in the next step when configuring the TinQwise application.

Continue configuring the SAML connection on the TinQwise platform.