Account
      Back to home
      1. Support Center
      2. Safous ZTA Admin Guide
      3. Account

      Azure AD Group (IdP) Integration

      For basic SAML integration with Azure AD (Entra ID), please refer to the following article: https://support.safous.com/kb/saml-identity-providers-configuration

      To configure an Azure AD Group (IdP) integration, navigate to Accounts > Groups (IdP) and click "New Group".

      By default, the name of the attribute is groups, so set it to groups. To extract the Group Name and Expected Value, follow these steps:

      1. Open your Azure AD management console: https://portal.azure.com/

      2. Navigate to the Enterprise Applications screen.

      3. Locate the following columns, which map to the fields in Safous:

        • Name (Azure) → Group Name (Safous)
        • Object ID (Azure) → Expected Value (Safous)

      For the integration to work, set the Group Claims in the SAML application in Azure AD

      If group claims are not defined on your Azure AD, you can add the claims.

      Edit your claims:

      Here you add a group claim. In the advanced options, enter a claim name that you will also configure in Safous: