Unable to enter Application ID URI when setting up Azure SSO



Article ID: 232267


Updated On:


CASB Security Premium IAAS


Azure SSO fails when configured using older documentation.

The following error is shown.


Microsoft made changes to Azure. See Microsoft Doc here


Follow the steps below. The documentation at the following link has also been updated and is accurate: "Configuring CloudSOC at Azure AD"

  1. Log in to the Azure AD management portal as an administrator
  2. Go to Applications -> Enterprise applications
  3. Click + New Application
  4. Click + Create your own application
  5. Enter a name and choose "Integrate any other application you don't find in the gallery (Non-gallery)". Then click Create

  6. Choose the Single Sign-on page
  7. Select the SAML sign-on method
  8. In section 1, Basic SAML Configuration, click Edit

  9. Enter the following:
    Identifier (Entity ID) = https://app.elastica.net/  (Make sure this is default)
    Reply URL = https://app.elastica.net/saml2/acs/
    Sign on URL = https://app.elastica.net/saml2/acs/
    Relay State = leave blank
    Logout URL = https://app.elastica.net/saml2/ls/

    Note: If you are in the EU, use the URLs listed under Additional Information below

  10. In the Users and Groups page, add any user or group that should be able to use SSO to log in to CloudSOC
  11. In section 3, SAML Signing Certificate, copy the App Federation Metadata URL

  12. Log in to CloudSOC with your admin login
  13. Go to Settings and select Single Sign-on
  14. Select AzureAD as the single sign-on, and paste the Federation Metadata URL from step 11 into the IDP Metadata identity provider field
    1. If you receive an Error Parsing Metadata message when you click Test in this step, see the article Error Parsing Metadata
  15. Select SHA256
  16. Click Configure. A success message is displayed informing you that SSO was configured successfully

Additional Information


Identifier (Entity ID) = https://app.eu.elastica.net/  (Make sure this is default)
Reply URL = https://app.eu.elastica.net/saml2/acs/
Sign on URL = https://app.eu.elastica.net/saml2/acs/
Relay State = leave blank
Logout URL = https://app.eu.elastica.net/saml2/ls/