Microsoft Entra ID

SSO with Microsoft Entra ID is available on Postman Enterprise plans.

To configure SSO with Microsoft Entra ID (formerly Azure Active Directory), you can use the available Postman app in Microsoft Entra ID. You must be an administrator in both Microsoft Entra ID and Postman to configure SSO for your team.

Configuring SSO with Microsoft Entra ID

Before configuring a SAML application in Microsoft Entra ID, you must configure SSO in Postman. When choosing the Authentication Type, select SAML 2.0. Name your authentication and Proceed.

Configure identity provider details in Postman

To continue configuring your SAML application, do the following:

  1. Open your Microsoft Entra ID management portal in a new tab.

  2. Go to Enterprise applications and select + New application.

  3. Search for "Postman" and select the Postman app from the results, then select Create.

  4. Select Set up single sign on > SAML.

  5. Take the Entity ID, Login URL, and ACS URL from Postman and add them to your SAML configuration in Microsoft Entra ID.

    Basic SAML configuration in Microsoft Entra ID

  6. In Postman, select Generate relay state and add the generated value to your SAML configuration in Microsoft Entra ID.

    Generate relay state in Postman

  7. Under Attributes & Claims in Microsoft Entra ID, select Edit > Add new claim. Map the Unique User Identifier (Name ID) to the user.mail value.

    Attributes and claims in Microsoft Entra ID

  8. Download the Federation Metadata XML file in Microsoft Entra ID under SAML Signing Certificate.

    SAML signing certificate in Microsoft Entra ID

  9. In Postman, upload the Federation Metadata XML file under Identity Provider Metadata File. Or, you can enter the Identity Provider SSO URL, Identity Provider Issuer, and X.509 Certificate individually under Identity Provider Details.

  10. Select Save Authentication in Postman.

You can test your SAML configuration by creating a test user in Microsoft Entra ID and assigning them the Postman app. If you've chosen to automatically add new users when configuring SAML, you'll be able to immediately sign in Postman with the test user's credentials to confirm the process works as expected. If you haven't chosen to automatically add new users, you can manually invite the test user to your Postman team and then sign in to Postman with the test user's credentials.

If you encounter any issues, confirm you've added and saved the correct configuration values on both Postman and Microsoft Entra ID. Contact Postman support for further help.

Next steps

Now that you have set up SSO with Microsoft Entra ID, you can learn about setting up SCIM provisioning:

Last modified: 2022/03/14

Postmanaut dancing. Illustration.