Configuring Single Sign-on with Microsoft Entra ID (Azure Active Directory)

Before configuring SSO with Microsoft Entra ID, contact Tamr Support ([email protected]) for the following information:

  • Identifier (Entity ID). This value beings with the string urn:auth0:.
  • Reply URL (Assertion Consumer Service URL)
  • Sign on URL. Note that this value is the same as the Reply URL.

After configuring SSO with Microsoft Entra ID, send the following information to Tamr Support:

  • Certificate (Base64)
  • Login URL

To configure SSO with Microsoft Entra ID:

  1. Sign into your Azure admin portal

  2. In the left menu, select Microsoft Entra ID.

  3. Navigate to Manage > Enterprise applications.

  4. In the Enterprise applications page, select New application .

  5. Select Create your own application .

  6. Configure the Create your own application settings as follows:

    1. Enter a name for the application. For example: tamr-sso-app

    2. Select Integrate any other application you don't find in the gallery (Non-gallery)

    3. Select Create .


  7. In the newly created application page, navigate to Manage > Single sign-on.

  8. Select SAML in the Select a single sign-on method.

  9. In the Set up Single Sign-On with SAML page, select the Edit icon in the Basic SAML configuration section.

  10. Configure the following:

    1. Enter the Identifier (Entity ID) value provided by Tamr. This value beings with the string urn:auth0:
    2. Enter the Reply URL (Assertion Consumer Service URL) and Sign on URL values provided by Tamr. The URLs for these settings is the same.
  11. Select the Edit icon in the Attributes & Claims section.

  12. Select Add new claim and then add the following fields:

    1. Email

    2. User Id

    3. Family Name

    4. Given Name

    5. Name

    6. Delete all the default claims created under the Additional Claims section.

  13. Confirm that the SAML application configuration looks similar to the following:

  14. Send the following information to Tamr Support ([email protected]) to complete the SSO configuration:

    1. Download the Certificate (Base64) from the SAML Certificates section.
    2. Copy the Login URL from Set up <application_name> section.