---
title: "Integrating Federated Authentication with Azure Active Directory"
date: "2022-02-03T17:33:25+00:00"
summary:
image:
type: "article"
url: "/acquia-cloud-platform/help/94056-integrating-federated-authentication-azure-active-directory"
id: "2af62385-4fcf-47b4-93f0-f35486ee1495"
---

_​Note: This guide includes screenshots and instructions for a third-party platform that could change at any time. Be sure to reference Azure Active Directory's documentation for the latest information._ 

Please find full documentation for Federated Authentication [here](/node/56058).

1.  First, an Azure AD administrator should select **New Application** 
    
    ![Microsoft Azure Enterprise Applications interface showing options to add, filter, and manage applications with search and visibility settings.](https://acquia.widen.net/content/4cb5d8b9-7603-475e-99a2-963ea9f386b2/web/ka06g000001tvi500N6g00000VCdgi0EM6g000002VvR5.png)
    
    ![A black square with no visible elements or details.](https://acquia.widen.net/content/7f0e740a-df2a-44b3-8bbc-fb84d9a00c56/web/ka06g000001tvi500N6g00000VCdgi0EM6g000002VvQV.png?animate=true)
    
2.  Next, select **Create your own application**, and choose **Integrate any other application you don’t find in the gallery (non-gallery).** 
    1.  NOTE: Name the application in a way that will make it easy for you to identify - the name has no bearing on the integration with the Acquia Cloud Platform. 
        
        ![Azure AD Gallery interface for creating applications, displaying cloud platforms like AWS, Google Cloud, Oracle, and SAP, with configuration options on the right.](https://acquia.widen.net/content/328b34dd-f9c1-437c-a761-50dd075f9e51/web/ka06g000001tvi500N6g00000VCdgi0EM6g000002VvRF.png)
        
         
        
        ![A black square with no visible features or content.](https://acquia.widen.net/content/352e7cee-cb4a-4956-8444-63c45947325a/web/ka06g000001tvi500N6g00000VCdgi0EM6g000002VvQW.png?animate=true)
        
3.  Choose the **SAML** single sign-on method 
    
    ![Options for single sign-on methods: Disabled, SAML, Password-based, and Linked. SAML is highlighted, offering secure authentication using Security Assertion Markup Language protocol.](https://acquia.widen.net/content/6c0f3a5d-d551-4828-82d0-abc0b8f55d76/web/ka06g000001tvi500N6g00000VCdgi0EM6g000002VvRZ.png)
    
    ![A silhouette of a person jumping with arms and legs spread wide against a white background.](https://acquia.widen.net/content/5cc020cb-c270-4bb2-ba6d-30d30b62dd1d/web/ka06g000001tvi500N6g00000VCdgi0EM6g000002VvQX.png?animate=true)
    
4.  Begin to Configure the application. NOTE: Start with section 4, **Set up \[Application Name\].** This section contains the first pieces of metadata that you will need to enter on the Acquia Cloud Platform UI.
    1.  Copy the **Login URL** (shown below) and enter it in the **SSO URL** field on the Acquia Cloud Platform UI.
    2.  Copy the **Azure AD Identifier** (shown below) and enter it in the **Entity ID** field on the Acquia Cloud Platform UI. 
        
        ![Setup screen for Acquia Cloud linking with Azure AD, showing fields for Login URL, Azure AD Identifier, and Logout URL.](https://acquia.widen.net/content/c8632ef6-3751-40d2-989c-9e311a7ee6cb/web/ka06g000001tvi500N6g00000VCdgi0EM6g000002VvSI.png)
        
        ![Black square with no visible elements or details.](https://acquia.widen.net/content/05aa2d35-4044-47bf-9673-7ec162d53ff3/web/ka06g000001tvi500N6g00000VCdgi0EM6g000002VvQY.png?animate=true)
        
5.  Next, go to section 3, **SAML Signing Certificate** and download the public certificate in PEM format. The option to download in PEM format is not readily available on this screen. To download it, click the edit pencil in the upper right corner of the box. Find the certificate, and then click the breadcrumbs to find **PEM Certificate download**. Download the certificate, and then copy and paste it into the Acquia Cloud Platform UI. 
    
    ![SAML Signing Certificate details with status, expiration date, and download links for certificate and metadata. An edit icon is visible.](https://acquia.widen.net/content/613946d0-3976-4707-ade9-af0c53375bab/web/ka06g000001tvi500N6g00000VCdgi0EM6g000002VvSN.png)
    
     
    
    ![Black square with no visible details or content.](https://acquia.widen.net/content/8b83c8c0-9441-49ea-88d7-ef2507de3b00/web/ka06g000001tvi500N6g00000VCdgi0EM6g000002VvQZ.png?animate=true)
    
6.  Now, go back to section 1, **Basic SAML Configuration**. Here, Azure AD requires you to provide metadata from the Cloud Platform.
    1.  In the **Identifier (Entity ID)** field (shown below), enter the **Entity ID** from the Acquia Cloud Platform UI. Be sure to set it as the default value.
    2.  In the **Reply URL (Assertion Consumer Service URL)** field (shown below), enter the **ACS Link** from the Acquia Cloud Platform UI. 
        
        ![Single Sign-On setup screen with SAML configuration. "Identifier" and "Reply URL" are marked as required; other fields are optional.](https://acquia.widen.net/content/0e414ba3-0801-44c7-b7e9-0ccc0ee62382/web/ka06g000001tvi500N6g00000VCdgi0EM6g000002VvSc.png)
        
         
        
        ![A stick figure holding a large key, standing on a small platform.](https://acquia.widen.net/content/245ae8a1-8a93-4490-b785-ee780ef096c0/web/ka06g000001tvi500N6g00000VCdgi0EM6g000002VvQa.png?animate=true)
        
7.  Double check this information, and submit. Review your final configuration and **Enable** the connection when you are ready.

​