Microsoft Entra ID

SSO with Microsoft Entra ID is available on Postman Enterprise plans.

To configure SSO with Microsoft Entra ID (formerly Azure Active Directory), you can use the Postman app in Microsoft Entra ID. You must be an administrator in both Microsoft Entra ID and Postman to configure SSO for your team.

Configure SSO in Postman

Before configuring a SAML application in Microsoft Entra ID, you must configure SSO in Postman. When choosing the Authentication type, select SAML 2.0. Enter a name in the Authentication name text box, then select Continue.

Configure identity provider details in Postman

Configure SSO with Microsoft Entra ID

To configure your SAML application, do the following:

  1. Open your Microsoft Entra ID management portal in a new tab.

  2. Go to Enterprise applications and select + New application.

  3. Search for "Postman" and select the Postman app from the results, then select Create.

  4. Select Set up single sign on > SAML.

  5. Take the Entity ID, Login URL, and ACS URL from Postman and add them to your SAML configuration in Microsoft Entra ID.

  6. In Postman, select Generate relay state and add the generated value to your SAML configuration in Microsoft Entra ID.

    Generate relay state in Postman
  7. Under Attributes & Claims in Microsoft Entra ID, select Edit > Add new claim. Map the Unique User Identifier (Name ID) to the user.mail value.

    Attributes and claims in Microsoft Entra ID
  8. Download the Federation Metadata XML file in Microsoft Entra ID under SAML Signing Certificate.

    SAML signing certificate in Microsoft Entra ID
  9. In Postman, upload the Federation Metadata XML file under Identity Provider Metadata File. Or, you can enter the Identity Provider SSO URL, Identity Provider Issuer, and X.509 Certificate individually under Identity Provider Details.

  10. Select Save Authentication in Postman.

Test your SAML configuration

You can test your SAML configuration by creating a test user in Microsoft Entra ID and assigning them the Postman app. If you've chosen to automatically add new users when configuring SAML, you can sign in Postman with the test user's credentials to confirm the process works as expected.

If you haven't chosen to automatically add new users, you can manually invite the test user to your Postman team. Then, sign in to Postman with the test user's credentials.

If you encounter any issues, confirm you've added and saved the correct configuration values on both Postman and Microsoft Entra ID. Contact Postman support for further help.

Next steps

After setting up SSO with Microsoft Entra ID, learn more about Configuring SCIM with Microsoft Entra ID (Enterprise teams only).

Last modified: 2024/07/01