Skip to main content

SSO/SAML Setup: Microsoft Entra ID

Note: DataGrail only supports connections with SAML v2.0.

Create Entra ID App to log in to DataGrail

  1. Navigate to Microsoft Entra ID

    Microsoft Entra ID

  2. Add a new Enterprise Application

    Enterprise Application

  3. Choose Create your own application

    Create your own application

  4. Enter DataGrail for the application name and click Create at the bottom of the pane

    Create Application

  5. You will see the home page for the new App

    New App Home Page

Assign Owner and Users​

Under User and Groups:

  1. Select Owners

    1. Click + Add button, search your name and any owners of this app

    2. Click Select to add owners

    image

  2. Select Users

    1. Click + Add user button

    2. Search and select users that need access to DataGrail

    3. Click Select

    4. Click Assign

Configure SAML settings​

  1. Select Single sign-on

    image

  2. Choose SAML

  3. Under (1) - Basic SAML Configuration, click the Edit (pencil) button, set:

    Edit SAML Configuration

    1. Identifier (Entity ID): datagrail (Note: it’s important that it’s all lower case)

    2. Reply URL: https://{yourdomainhere}.datagrail.io/saml/auth

      1. Example: if DataGrail was installing this SAML solution to host our own platform login, the above url would be https://datagraildemo.datagrail.io/saml/auth

    3. Sign on URL: https://{yourdomainhere}.datagrail.io/saml/login

      1. Example: if DataGrail was installing this SAML solution to host our own platform login, the above url would be https://datagraildemo.datagrail.io/saml/login

    4. (Everything else is blank)

    5. Click the 💾Save button

    image

  4. Under (2) - User Attributes & Claims:

    image

    1. Click Add new claim, and set

      1. Name: email

      2. Source: Attribute

      3. Source attribute: user.mail

      4. Click 💾Save button

    2. Click Add new claim, and set

      1. Name: first_name

      2. Source: Attribute

      3. Source attribute: user.givenname

      4. Click 💾Save button

    3. Click Add new claim, and set

      1. Name: last_name

      2. Source: Attribute

      3. Source attribute: user.surname

      4. Click 💾Save button

    4. Optional: remove all other attributes

Sharing the Metadata URL​

Under (3) - SAML Signing Certificate:

  1. Click the Copy button next to App Federation Metadata URL

 

Need help?
If you have any questions, please reach out to your dedicated Account Manager or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.