Learn how to configure Microsoft Entra ID for Infisical SSO.
Prepare the SAML SSO configuration in Infisical
Create a SAML application in Azure
https://app.infisical.com
with your own domain.email -> user.userprincipalname
firstName -> user.givenname
lastName -> user.surname
Retrieve Identity Provider (IdP) Information from Azure
Finish configuring SAML in Infisical
-----BEGIN CERTIFICATE-----
and -----END CERTIFICATE-----
at the first and last line
of the text area respectively.Having trouble?, try copying the X509 certificate information from the Federation Metadata XML file in Azure.Assign users in Azure to the application
Enable SAML SSO in Infisical
Enforce SAML SSO in Infisical
/login/admin
path e.g. https://app.infisical.com/login/admin.AUTH_SECRET
and SITE_URL
environment variable for it to
work:AUTH_SECRET
: A secret key used for signing and verifying JWT. This
can be a random 32-byte base64 string generated with openssl rand -base64 32
.SITE_URL
: The absolute URL of your self-hosted instance of Infisical including the protocol (e.g. https://app.infisical.com)