SSO on TAP: Azure AD

SSO integration instructions for Azure AD users.

Configure Azure AD

  • Step 1: Log in to Azure Console

  • Step 2: 2 Go to Enterprise Applications

  • Step 3: 3 Create a new application for SSO access to TAP (e.g. 'TAP-Organization-Name-Here')

  • Step 4: Configure Single Sign-On with SAML for this application:

​​Identifier (Entity ID):

urn:amazon:cognito:sp:eu-west-2_xgOvddq6D

Reply URL (Assertion Consumer Service URL):

https://tap-prod.auth.eu-west-2.amazoncognito.com/saml2/idpresponse

​​Attributes & Claims:

email -> user.mail

given_name -> user.givenname

family_name -> user.surname
d69c1edc-4ea8-48a3-9e09-2c4350110545
 
  • Step 5: Add or import users/user groups that will have access to TAP applications.