Configuring Microsoft Entra ID (Azure Active Directory) Integration with SAML
This guide shows you how to configure Microsoft Entra ID (Azure Active Directory) and Acunetix Premium+ for Single Sign-On.
Microsoft Entra ID (previously called Azure Active Directory) is a universal platform designed to protect and manage access to identities. The Entra ID service provides Single Sign-On (SSO) access to apps and services from anywhere.
Single Sign-On Fields
This table lists and explains the Single Sign-On fields.
Field | Description |
SAML 2.0 Service URL | This is the Consumer URL value (also called the SSO Endpoint or Recipient URL). |
Identifier | This is the base URL of Acunetix. |
SSO Provider | This is a drop-down to choose your SSO provider. |
SAML 2.0 Endpoint | This is the URL from your IdP's SSO Endpoint field. |
IdP Identifier | This is the SAML identity provider’s Identifier value. |
X.509 Certificate | This is the X.509 certificate value. |
How to configure Entra ID with SAML
There are two parts to this procedure:
How to add Acunetix to Azure AD
- Log in to the Azure Portal.
- Select the Azure Active Directory.
- From the Enterprise Applications page, select + New application.
- From the Browse Azure AD Gallery page, select + Create your own application.
- On the right panel, enter a name for your application in the input name field. (You can enter any name you want. For this example, we use Acunetix.)
- Select Integrate any other application you don't find in the gallery (Non-gallery).
- Click Create to add the application.
Wait for a while, so the app is added to your tenant.
You can now configure Azure AD Single Sign-On Integration with SAML. To do this, you need an Acunetix and Azure account.
How to configure Azure Active Directory Single Sign-On with SAML
- Log in to the Azure Portal.
- Select Enterprise applications.
- From the Enterprise Applications page, select Acunetix.
- Select Set up Single Sign-On, then SAML.
- On the Set up Single Sign-On with SAML page, click the pencil icon for Basic SAML Configuration to edit the settings.
- Open another tab, and log in to Acunetix.
- From the main menu, select Settings > Users & Access >SSO.
- Turn on the Enable SSO toggle.
- Select AzureAD from the SSO Provider drop-down list.
- Copy the URL from the SAML 2.0 Service URL field.
- Switch to the Azure AD tab and click Edit in the Basic SAML Configuration section.
- Paste the copied SAML 2.0 Service URL into the Reply URL field.
- Switch to the Acunetix tab. Copy the URL from the Identifier field.
- Switch to the Azure AD tab. Paste the URL into the Identifier field.
- Select Save.
- Ensure that the Attributes & Claims section is set according to the image below. Click Edit if you need to adjust any of the parameters to match the image below.
- In the Azure AD tab, copy the URL from the Microsoft Entra Identifier field and paste this URL into the IdP Identifier field in Acunetix.
- In Azure AD, copy the URL from the Login URL field and paste this URL into the SAML 2.0 Endpoint field in Acunetix.
- In Azure AD, download the Certificate (Base64). Open the certificate with a text editor.
- Copy the content of the certificate into the X.509 Certificate field in Acunetix.
- In Acunetix, select Sign requests, then choose either:
- Generate a new certificate for me; OR
- I have an existing certificate, then upload your certificate and enter the certificate password.
- In Azure AD, click the ellipses in the Verification certificates (optional) section.
- Enable the Require verification certificates checkbox.
- Click the upload icon next to Upload certificate and select your certificate from step 21. Then click Save.
- Return to your Acunetix SSO page and use the SSO Exemptions drop-down to select any users you want to exempt from SSO. Doing this means the selected users must log in to Acunetix via password.
- Click Save to complete the configuration.
Acunetix informs you that the SSO configuration is saved.
You can now add users to your app on Azure AD, so they can log in to Acunetix. To do so, go to Users and groups on Azure AD.
To view the Microsoft documentation on this integration, refer to Tutorial: Azure Active Directory single sign-on (SSO) integration with Acunetix 360.