Custom SAML in Azure AD
The steps in this topic describe how to configure a custom SAML application in Azure AD.
Before you set up a custom SAML application in Azure Active Directory (AD), you must configure SSO in Postman. Select "AD FS" as the "Authentication Type" and leave "Identity Provider Details" empty for now.
Next, sign in to the Azure management portal using your Azure Active Directory administrator account.
Browse to Azure Active Directory > [Directory] > Enterprise Applications, and select "New Application".
Select "Non-gallery application".
Enter the name of the application and click "Add".
Assign a test user to the application. (Required)
In the "Configure Single Sign-on" section, select "SAML-based Sign-on" in the "Single Sign-on Mode" dropdown.
Configure the SAML integration. The table below describes the values of the fields in this configuration.
| Field | Value |
|---|---|
| Identifier | The Entity ID for your Postman custom SSO auth. You can find it in the Team page. |
| Reply URL | The ACS URL for your Postman custom SSO auth. You can find it in the Team page. |
| User Identifier | Select user.mail from the dropdown. |
Download the "SAML Signing Certificate" (Base64 format) and click the Save button.
After the setup is complete, submit your Identity Provider details to Postman. For more information, see Intro to SSO.
Navigate to your team settings in the Postman Web dashboard. To update the identity provider details, navigate to Authentication > <AzureAuthName> and click Edit, then Proceed. Fill in the following details:
| Field | Value |
|---|---|
| Identity Provider Issuer | The SAML Entity ID of your Azure AD application |
| Identity Provider SSO URL | The SAML Single Sign-on Service URL of your Azure AD application |
| X.509 Certificate | Contents of the SAML Signing Certificate file |
Once your details are complete, click Generate relay/Regenerate relay to create a parameter to send with a SAML response in an IDP-initiated single sign-on. Click Save Authentication.
Navigate back to your Postman configuration in Azure AD.
Check the Show advanced URL settings option. This will provide access to the Relay state, where you can enter the parameter you generated in Postman during your custom auth configuration setup.
Save your Azure AD configuration. The setup should now be complete, allowing you to log in to Postman using SSO via the Azure AD identity provider.
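Before saving, the three Identity Provider values entered in Postman can be cross-checked against what the tenant publishes. The following is an added example, not Postman or Microsoft tooling: it assumes you also downloaded the application's Federation Metadata XML from Azure AD, the function names are hypothetical, and the tenant ID and certificate bytes in the sample are constructed placeholders.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

def pem_to_der(text):
    """Drop PEM armor lines and whitespace, then Base64-decode to DER bytes."""
    lines = (ln.strip() for ln in text.splitlines())
    body = "".join(ln for ln in lines if ln and not ln.startswith("-----"))
    return base64.b64decode(body, validate=True)

def idp_details(metadata_xml):
    """Extract issuer, SSO URL and signing-cert fingerprints from SAML metadata."""
    if "<!DOCTYPE" in metadata_xml:  # refuse DTDs before handing text to the parser
        raise ValueError("DOCTYPE not allowed in IdP metadata")
    root = ET.fromstring(metadata_xml)
    sso = [s.get("Location")
           for s in root.iterfind("md:IDPSSODescriptor/md:SingleSignOnService", NS)
           if s.get("Binding") == REDIRECT]
    certs = [c.text for k in root.iterfind("md:IDPSSODescriptor/md:KeyDescriptor", NS)
             if k.get("use", "signing") == "signing"
             for c in k.iterfind(".//ds:X509Certificate", NS) if c.text]
    if not sso or not certs:
        raise ValueError("metadata lacks an SSO URL or a signing certificate")
    prints = {hashlib.sha256(pem_to_der(c)).hexdigest() for c in certs}
    return {"issuer": root.get("entityID"), "sso_url": sso[0],
            "signing_cert_sha256": prints}

def check_postman_values(metadata_xml, issuer, sso_url, cert_pem):
    """Return the Postman fields whose values disagree with the IdP metadata."""
    idp = idp_details(metadata_xml)
    fp = hashlib.sha256(pem_to_der(cert_pem)).hexdigest()
    checks = [("Identity Provider Issuer", issuer == idp["issuer"]),
              ("Identity Provider SSO URL", sso_url == idp["sso_url"]),
              ("X.509 Certificate", fp in idp["signing_cert_sha256"])]
    return [field for field, ok in checks if not ok]

# Constructed sample input: placeholder tenant ID, bytes that are not a real certificate.
ISSUER = "https://sts.windows.net/00000000-0000-0000-0000-000000000000/"
SSO_URL = "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/saml2"
CERT_B64 = base64.b64encode(b"constructed bytes, not a real certificate").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="{NS['md']}" entityID="{ISSUER}">
 <IDPSSODescriptor><KeyDescriptor use="signing"><KeyInfo xmlns="{NS['ds']}"><X509Data>
  <X509Certificate>{CERT_B64}</X509Certificate></X509Data></KeyInfo></KeyDescriptor>
  <SingleSignOnService Binding="{REDIRECT}" Location="{SSO_URL}"/>
 </IDPSSODescriptor></EntityDescriptor>"""
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{CERT_B64}\n-----END CERTIFICATE-----\n"
```

An empty list from `check_postman_values` means all three fields match the metadata; any field name returned should be re-copied from Azure AD before you rely on the integration.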