Azure Active Directory

Integrating AzureAD with env0 as a SAML provider

Introduction

This guide will detail the various steps required to integrate AzureAD as a SAML provider for your env0 organization. The current implementation will create an AzureAD registered application with the Microsoft identity platform.
This will be used for authentication only, where you define your users in your AzureAD and enable them access to your env0 organization.
In addition, we also support group syncing of the logged in user to match those with env0 teams.

Steps

  1. Follow this guide to register an application in Microsoft identity platform: https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app
  2. Leave the Redirect URI empty.
  3. In the platform setting you need to select Web
  4. Add a Redirect URI with this value: https://login.app.env0.com/login/callback
  5. Create a Client Secret.
  6. Send your account manager the Application (client) ID and the Client Secret of the app they created.

🚧

Teams Syncing

Teams will be synced each time a user will login with the following logic:

  1. env0 will create a new team if one doesn't exists based on the group name we received from the SMAL provider.
  2. If the team exists in env0 we will not create a new team.
  3. We will assign the user to all the teams in env0 based on the group names he is part of in the SMAL provider..
  4. If the user was removed from a group in the SAML provider we will remove him from the team in env0.

Did this page help you?