jamesyang
Helper I

SAML 2.0 Integration using Dynamics 365 (AAD) as IDP

We would like to implement SSO using SAML 2.0. The login flow is:

1. Our Model Driven Power App is installed in Dynamics 365.

2. The user clicks on one of the menus in our app. It automatically logs the user in to our external web app using the SAML 2.0 protocol.

   * Dynamics 365 is the SAML IDP (which is AAD), our external app is a SAML SP.

Could anyone share how to implement this?

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
ChrisPiasecki
Super User

Hi James yang, 

 

Can you provide some more detail about the external application? Is it a Power Apps portal, or a custom built app? If custom, I'd recommend reviewing the document below for configuring Saml2 auth in AAD. 

 

https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-saml-single-sign-on

 

You'll essentially need to register your service provider app in Azure AD. If you have the metadata XML file or URL for your SP it is straightforward; otherwise you can populate the configuration metadata manually. You'll need to set up any claims mappings needed for your application to identify the user, and if needed, any authorization.

 

For the service provider side of things, I recommend finding a SAML2 library to use available for the language used. I've used sustainsys/saml2 for .NET apps, and spring security saml for Java. 

 

The important thing to ensure is that the configuration is consistent on both the SP and IdP sides, e.g. signature algorithms, endpoints, signing behavior for assertions, etc.

 

Hope this helps. Good luck. 
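
A sketch of the consistency check described in the answer above, added as an example and not part of the original post or of any library named in it: it compares constructed SP metadata with a constructed record of the IdP-side registration and lists the settings that disagree. The `app.example.com` URLs, the `IDP_REGISTRATION` keys and the function names are assumptions for illustration.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
HTTP_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"

# Constructed SP metadata for a hypothetical service provider.
SP_METADATA = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://app.example.com/saml2">
  <SPSSODescriptor WantAssertionsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://app.example.com/saml2/acs"/>
  </SPSSODescriptor>
</EntityDescriptor>"""

# Constructed record of what was entered on the IdP side (hypothetical keys).
IDP_REGISTRATION = {
    "identifier": "https://app.example.com/saml2",
    "reply_url": "https://app.example.com/saml2/acs/",  # trailing slash differs
    "signs_assertion": False,                            # response-only signing
    "signature_algorithm": RSA_SHA256,
}

def parse_sp_metadata(xml_text):
    """Extract the fields the IdP registration has to agree with."""
    root = ET.fromstring(xml_text)
    sp = root.find(MD + "SPSSODescriptor")
    acs = [e.get("Location") for e in sp.findall(MD + "AssertionConsumerService")
           if e.get("Binding") == HTTP_POST]
    return {"entity_id": root.get("entityID"), "acs_urls": acs,
            "want_assertions_signed": sp.get("WantAssertionsSigned") in ("true", "1")}

def find_mismatches(sp, idp, sp_accepted_algorithms):
    """Return one message per setting on which SP and IdP disagree."""
    problems = []
    if idp["identifier"] != sp["entity_id"]:
        problems.append("entity ID differs")
    if idp["reply_url"] not in sp["acs_urls"]:  # compared as exact strings
        problems.append("reply URL is not an SP ACS endpoint")
    if sp["want_assertions_signed"] and not idp["signs_assertion"]:
        problems.append("SP requires signed assertions, IdP does not sign them")
    if idp["signature_algorithm"] not in sp_accepted_algorithms:
        problems.append("IdP signature algorithm not accepted by SP")
    return problems

if __name__ == "__main__":
    sp = parse_sp_metadata(SP_METADATA)
    for p in find_mismatches(sp, IDP_REGISTRATION, {RSA_SHA256}):
        print("MISMATCH:", p)
```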

3 REPLIES 3
alrez
Community Support

Hi,

 

We have some documentation on SAML 2.0 in the dynamics environment here: https://docs.microsoft.com/en-us/powerapps/maker/portals/configure/configure-saml2-settings

 

Take a look through it and see if that helps answer your question. If not, this might be something that would be better to ask the Microsoft support team. If you would like to go down that route I'll include a link below; otherwise, if any other community members have any ideas, feel free to chime in.

 

If you would like to create a ticket with Microsoft Customer Support here is a link on how to do so: https://docs.microsoft.com/en-us/power-platform/admin/get-help-support

 

Regards,

 

Alex

 

-------

 

Community Support Team _ Alex Rezac

Thanks Alex. We have an external app. Your suggestion works.
