---
title: 'Azure AD (Entra)'
description: 'Learn how to configure Active Directory as an identity provider for NocoDB.'
tags: ['SSO', 'Active Directory', 'SAML']
keywords: ['SSO', 'Active Directory', 'SAML', 'Authentication', 'Identity Provider']
---
:::info
For SSO Access - please reach [**out to sales team** ](https://calendly.com/nocodb ).
:::
This article briefs about the steps to configure Active Directory as Identity service provider for NocoDB
### NocoDB, Retrieve `SAML SSO` Configuration details
1. Go to `Account Settings`
2. Select `Authentication (SSO)`
3. Click on `New Provider` button
4. On the Popup modal, Specify a `Display name` for the provider; note that, this name will be used to display the provider on the login page
5. Retrieve `Redirect URL` & `Audience / Entity ID` ; these information will be required to be configured later with the Identity Provider
### Azure AD, Configure NocoDB as an Application
1. Sign in to your [Azure account ](https://portal.azure.com/#allservices ) and navigate to `Microsoft Entra admin center` > `Identity` > `Enterprise applications`
2. Click `+ New application`
3. On the `Browse Microsoft Entra Gallery` page, select `Create your own application` from the navigation bar.
a. Provide your application's name.
b. Choose `Integrate any other application you don't find in the gallery (Non-gallery)`
c. `Create`
4. On your application page, navigate to `Manage` > `Single sign-on` > `SAML`
5. Go to the `Basic SAML Configuration` section under `Set up Single Sign-On with SAML` and click `Edit`
a. Add the `Audience URI` under `Identifier (Entity ID)` .
b. Add the `Redirect URL` under `Replay URL (Assertion Consumer Service URL)` .
c. Click `Save`
6. In the `Attributes & Claims` section, click `Edit`
a. Edit the "Unique User Identifier (Name ID)" claim:
- Select `Email address` from the `Name identifier format` dropdown
- Choose `Attribute` as the `Source`
- In the `Source attribute` , select `user.mail`
- Click `Save`
[//]: # ( b. ( Optional) For custom claims:)
[//]: # ( - Click Add new claim, provide details, and save.)
[//]: # ( - Ensure the claim is visible in the Additional claims section.)
[//]: # ( - Copy the claim name for later use in NocoDB SAML configurations.)
7. Go to the `SAML Certificates` section and copy the `App Federation Metadata URL`
8. on the Application's Overview page,
- Click `Users and groups` ,
- Add the necessary users or groups to the application.
### NocoDB, Configure Azure AD as an Identity Provider
1. Go to `Account Settings` > `Authentication` > `SAML`
2. Insert `Metadata URL` retrieved in step above; alternatively you can configure XML directly as well
3. `Save`
For Sign-in's, user should be able to now see `Sign in with <SSO>` option.
:::note
Post sign-out, refresh page (for the first time) if you do not see `Sign in with <SSO>` option
:::
