Enabling single sign-on via Azure Active Directory

Requirements

  • Advanced Authentication + User Management

This guide covers how to set up SAML using the pre-configured SAML app in Azure. If you have trouble using the pre-configured app, you can also connect Azure as a custom integration using the instructions from the generic SAML guide.

 

1. Within Azure Active Directory, navigate to Enterprise Applications > New Application. Search for the Robin app and then click Create.


2. Within the Robin app in Azure, select Single sign-on, scroll down, and download the Federation Metadata XML file. You need this file for step 5.


3. As a Robin admin, open the Robin web dashboard and navigate to Manage > Integrations. Scroll down to the "Authentication methods" section to locate the SAML SSO option.

4. Click + Add to open the configuration module.


5. Click Import Metadata to import the XML file you previously downloaded from Azure in step 2.


6. Then click Advanced Options (see image above) to select the auth contexts.

7. Select Password Protected Transport & Windows from the Auth Context menu.


Common errors

Seeing “AADSTS750161:Allowed SAML authentication request's NameIDPolicy formats are: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress,urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified,urn:oasis:names:tc:SAML:2.0:nameid-format:persistent,urn:oasis:names:tc:SAML:2.0:nameid-format:transient.” after attempting to sign in?

Double-check that the auth contexts set in Robin match the ones selected in step 7.


AADSTS75011: Authentication method used doesn't match the requested authentication method? Uncheck all the options within the Auth Context menu to allow the IdP to negotiate the assertion format.
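To check a sign-in attempt against both errors above, you can decode the SAMLRequest sent to Azure and read its NameIDPolicy format and requested auth contexts. The Python below is an added example, not Robin's or Microsoft's code; it assumes the request travels over the HTTP-Redirect binding, the sample request is constructed, and the URN used for the "Windows" auth context is an assumption about what that menu entry maps to.

```python
import base64
import zlib
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol", "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# NameIDPolicy formats copied from the AADSTS750161 message.
ALLOWED_NAMEID_FORMATS = {
    "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
    "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified",
    "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
    "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
}

def decode_redirect_request(saml_request):
    """Decode a URL-decoded SAMLRequest value (base64 over raw DEFLATE)."""
    return zlib.decompress(base64.b64decode(saml_request), -15).decode("utf-8")

def inspect_authn_request(xml_text):
    """Extract the NameIDPolicy format and the requested auth contexts."""
    if "<!DOCTYPE" in xml_text:  # SAML messages never need a DTD; refuse it
        raise ValueError("DOCTYPE not allowed in SAML message")
    root = ET.fromstring(xml_text)
    policy = root.find("samlp:NameIDPolicy", NS)
    fmt = policy.get("Format") if policy is not None else None
    refs = root.findall("samlp:RequestedAuthnContext/saml:AuthnContextClassRef", NS)
    return {
        "nameid_format": fmt,
        # Assumption: an omitted Format passes, since the attribute is optional in SAML 2.0.
        "nameid_format_allowed": fmt is None or fmt in ALLOWED_NAMEID_FORMATS,
        "auth_contexts": [(r.text or "").strip() for r in refs],
    }

# Constructed sample (not captured from Robin): a NameIDPolicy format outside the allowed
# list, plus two auth contexts. Assumption: "Windows" = urn:federation:authentication:windows.
SAMPLE_XML = (
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_example" Version="2.0">'
    '<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"/>'
    '<samlp:RequestedAuthnContext Comparison="exact">'
    '<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef>'
    '<saml:AuthnContextClassRef>urn:federation:authentication:windows</saml:AuthnContextClassRef>'
    '</samlp:RequestedAuthnContext></samlp:AuthnRequest>'
)
_deflater = zlib.compressobj(9, zlib.DEFLATED, -15)
SAMPLE_REQUEST = base64.b64encode(_deflater.compress(SAMPLE_XML.encode()) + _deflater.flush()).decode()

if __name__ == "__main__":
    print(inspect_authn_request(decode_redirect_request(SAMPLE_REQUEST)))
```

A `nameid_format_allowed` of `False` corresponds to the AADSTS750161 case, and a non-empty `auth_contexts` list shows which contexts are being requested when AADSTS75011 appears.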
