Skip to main content

SSO/SAML Setup: Microsoft Entra ID

Note: DataGrail only supports connections with SAML v2.0.

Create Entra ID App to log in to DataGrail

  1. Navigate to Microsoft Entra ID

    image

  2. Add a new Enterprise Application

    image

  3. Choose Create your own application

    image

  4. Enter DataGrail for the application name and click Create at the bottom of the pane

    image

  5. You will see the home page for the new App

    image

Assign Owner and Users​

Under User and Groups:

  1. Select Owners

    1. Click + Add button, search your name and any owners of this app

    2. Click Select to add owners

    image

  2. Select Users

    1. Click + Add user button

    2. Search and select users that need access to DataGrail

    3. Click Select

    4. Click Assign

Configure SAML settings​

  1. Select Single sign-on

    image

  2. Choose SAML

  3. Under (1) - Basic SAML Configuration, click the Edit (pencil) button, set:

    image

    1. Identifier (Entity ID): datagrail (Note: it’s important that it’s all lower case)

    2. Reply URL: https://{yourdomainhere}.datagrail.io/saml/auth

      1. Example: if DataGrail was installing this saml solution to host our own platform login, the above url would be https://datagraildemo.datagrail.io/saml/auth

    3. Sign on URL: https://{yourdomainhere}.datagrail.io/saml/login

      1. Example: if DataGrail was installing this saml solution to host our own platform login, the above url would be https://datagraildemo.datagrail.io/saml/login

    4. (Everything else is blank)

    5. Click the 💾Save button

    image

  4. Under (2) - User Attributes & Claims:

    image

    1. Click Add new claim, and set

      1. Name: email

      2. Source: Attribute

      3. Source attribute: user.mail

      4. Click 💾Save button

    2. Click Add new claim, and set

      1. Name: first_name

      2. Source: Attribute

      3. Source attribute: user.givenname

      4. Click 💾Save button

    3. Click Add new claim, and set

      1. Name: last_name

      2. Source: Attribute

      3. Source attribute: user.surname

      4. Click 💾Save button

    4. Optional: remove all other attributes

Sharing the Metadata URL​

Under (3) - SAML Signing Certificate:

  1. Click the Copy button next to App Federation Metadata Url

 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.