
Create users in Ezeelogin with the same user group in Azure AD

How do I auto-create an Azure SSO user in the same user group in Ezeelogin?

This feature is available from Ezeelogin version 7.36.0.

Refer to the article on upgrading Ezeelogin to the latest version.

1. Log in to Azure. In the enterprise application, click Single sign-on -> Attributes & Claims -> Edit, then copy the claim names and paste them into the advanced SAML setting in Ezeelogin.

2. Click on Add a group claim -> select All groups -> Save.

3. Copy the claim names and paste them into the SAML setting of Ezeelogin.

Note: Please review the attributes listed below if you encounter the following error while attempting to log in as a SAML user.
Could not get username from SAML response

4. Create a new app registration in Azure Microsoft Entra ID.

5. Register the application with a name and select Accounts in any organizational directory.

6. Click on the application you created, open Certificates & secrets, and create a new client secret.

7. Copy the new secret value, client ID, and tenant ID, then paste them into Ezeelogin SAML Azure AD Settings.

8. Click on application permission -> Add a permission -> Microsoft Graph -> Application permission -> enable Group.Read.All.

9. Click on Grant admin consent for Default Directory.

10. Create the user group in Ezeelogin with the exact same group name that exists in Azure and set a higher priority for auto-creation for that group.

11. Change Web panel Authentication to SAML from Ezeelogin GUI -> Settings -> General -> Authentication.

12. Enable auto create user from Ezeelogin GUI -> Settings -> General -> Security -> Enable Auto Create User.

13. Log in to the Ezeelogin GUI again with the Azure user credentials; the user will be auto-created in the same group as in Azure.
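A pre-flight check for steps 2 to 10, added here as an example and not taken from Ezeelogin's code: it reads the group claim from a captured SAML assertion, resolves each value through Microsoft Graph with the app registration's credentials, and reports which names have no identically named Ezeelogin group. It assumes the group claim carries group object IDs (Azure's default for the groups claim) and that "exact same group name" is case-sensitive; the function names and sample values are constructed.

```python
import json
import urllib.parse
import urllib.request
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
GROUPS_CLAIM = "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups"
# Constructed sample: attribute statement from a decoded SAML assertion.
SAMPLE_ASSERTION = f"""<saml:Assertion xmlns:saml="{NS['saml']}">
 <saml:AttributeStatement><saml:Attribute Name="{GROUPS_CLAIM}">
   <saml:AttributeValue>11111111-1111-1111-1111-111111111111</saml:AttributeValue>
   <saml:AttributeValue>22222222-2222-2222-2222-222222222222</saml:AttributeValue>
 </saml:Attribute></saml:AttributeStatement>
</saml:Assertion>"""

def group_ids(assertion_xml, claim=GROUPS_CLAIM):
    """Values of the group claim; by default Azure sends object IDs, not names."""
    root = ET.fromstring(assertion_xml)
    return [v.text.strip()
            for a in root.iterfind(".//saml:Attribute", NS) if a.get("Name") == claim
            for v in a.iterfind("saml:AttributeValue", NS) if v.text]

def _get_json(url, data=None, headers=None):
    req = urllib.request.Request(url, data=data, headers=headers or {})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def graph_token(tenant_id, client_id, client_secret):
    """Client-credentials token, using the three values copied in step 7."""
    form = {"grant_type": "client_credentials", "client_id": client_id,
            "client_secret": client_secret,
            "scope": "https://graph.microsoft.com/.default"}
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    return _get_json(url, urllib.parse.urlencode(form).encode())["access_token"]

def display_name(token, group_id):
    """Resolve an object ID to its name; needs Group.Read.All from step 8."""
    url = ("https://graph.microsoft.com/v1.0/groups/"
           + urllib.parse.quote(group_id, safe="") + "?$select=displayName")
    return _get_json(url, headers={"Authorization": "Bearer " + token})["displayName"]

def match_groups(ids, resolve, ezeelogin_groups):
    """Return (names present in Ezeelogin, {id: name} with no exact-name match)."""
    names = {gid: resolve(gid) for gid in ids}
    # Assumption: "exact same group name" means a case-sensitive comparison.
    matched = [n for n in names.values() if n in ezeelogin_groups]
    unmatched = {g: n for g, n in names.items() if n not in ezeelogin_groups}
    return matched, unmatched
```

Against a live tenant, call `match_groups(group_ids(xml), lambda g: display_name(token, g), {...})` with `token = graph_token(...)` and the set of group names created in step 10. This is a troubleshooting aid that only reads a captured assertion; it does not verify the SAML signature.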

 
