Skip to main content

SSO/SAML Setup: Microsoft Entra ID

Note: DataGrail only supports connections with SAML v2.0.

Create Entra ID App to log in to DataGrail

  1. Navigate to Microsoft Entra ID

    image

  2. Add a new Enterprise Application

    image

  3. Choose Create your own application

    image

  4. Enter DataGrail for the application name and click Create at the bottom of the pane

    image

  5. You will see the home page for the new App

    image

Assign Owner and Usersโ€‹

Under User and Groups:

  1. Click Properties under the newly created application

    1. Download DG Logo [attached in email]

    2. For the logo, set the image downloaded above

    3. Click the ๐Ÿ’พSave button

    image

  2. Select Owners

    1. Click + Add button, search your name and any owners of this app

    2. Click Select to add owners

    image

  3. Select Users

    1. Click + Add user button

    2. Search and select users that need access to DataGrail

    3. Click Select

    4. Click Assign

Configure SAML settingsโ€‹

  1. Select Single sign-on

    image

  2. Choose SAML

  3. Under (1) - Basic SAML Configuration, click the Edit (pencil) button, set:

    image

    1. Identifier (Entity ID): datagrail (Note: itโ€™s important that itโ€™s all lower case)

    2. Reply URL: https://{yourdomainhere}.datagrail.io/saml/auth

      1. Example: if DataGrail was installing this saml solution to host our own platform login, the above url would be https://datagraildemo.datagrail.io/saml/auth

    3. Sign on URL: https://{yourdomainhere}.datagrail.io/saml/login

      1. Example: if DataGrail was installing this saml solution to host our own platform login, the above url would be https://datagraildemo.datagrail.io/saml/login

    4. (Everything else is blank)

    5. Click the ๐Ÿ’พSave button

    image

  4. Under (2) - User Attributes & Claims:

    image

    1. Click Add new claim, and set

      1. Name: email

      2. Source: Attribute

      3. Source attribute: user.mail

      4. Click ๐Ÿ’พSave button

    2. Click Add new claim, and set

      1. Name: first_name

      2. Source: Attribute

      3. Source attribute: user.givenname

      4. Click ๐Ÿ’พSave button

    3. Click Add new claim, and set

      1. Name: last_name

      2. Source: Attribute

      3. Source attribute: user.surname

      4. Click ๐Ÿ’พSave button

    4. Optional: remove all other attributes

Sharing the Metadata URLโ€‹

Under (3) - SAML Signing Certificate:

  1. Click the Copy button next to App Federation Metadata Url

  2. Send this to support@datagrail.io

**Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.