To set up SAML SSO with Microsoft Entra ID as an Identity Provider in DMARCwise, follow these instructions:

  • Open the Microsoft Entra admin center.
  • Navigate to ApplicationsEnterprise applications.
  • Click on New application in the top bar.
  • Click on Create your own application in the top bar.
  • Type DMARCwise as the name, choose Integrate any other application you don’t find in the gallery (Non-gallery) and click Create.
  • Wait for the Enterprise Application to be created and then click Single sign-on in the sidebar.
  • Choose SAML as a single sign-on method.
  • Next to Basic SAML Configuration, click Edit.

Microsoft Entra ID SAML configuration

Now you have to open the SSO settings page of your DMARCwise account to gather some configuration settings.

Specifically, you’ll need the Service Provider Entity ID and Assertion Consumer Service (ACS) URL parameters.

  • In the SSO settings page, click Configure.
  • Copy the Entity ID and paste it in the Identifier (Entity ID) section of the Microsoft Entra SAML configuration dialog.
  • Copy the Assertion Consumer Service (ACS) URL and paste it in the Reply URL (Assertion Consumer Service URL) section.
  • Click Save.

Microsoft Entra ID SAML configuration

  • Scroll down to the third section of the page and find the App Federation Metadata Url.

Microsoft Entra ID SAML configuration

  • Back in the DMARCwise SSO settings page, click Next.
  • Paste the URL you just copied in the Metadata URL field.
  • Click Enable SSO to save the configuration and enable SSO.

Microsoft Entra ID SAML configuration

Finally, in Microsoft Entra assign users or groups that you want to authorize to log in to DMARCwise.

Microsoft Entra ID SAML configuration

Find more information about testing and enforcing SSO in Setting up SSO.

Setting up application roles

To set up application roles so that role assignments are synced from Microsoft Entra to DMARCwise, follow these instructions:

  • In the Enterprise Application you created above, navigate to the Properties page.
  • Click on the application registration link.

Microsoft Entra ID SAML configuration

  • Choose App roles in the sidebar, click Create app role
  • Enter the following settings:
    • Display name: Admin
    • Allowed member types: Users/Groups
    • Value: Admin
    • Description: Admin
  • Click Apply

Microsoft Entra ID SAML configuration

  • Repeat the process until you have the following 4 roles set up:
    • Admin
    • Member
    • Viewer
    • Billing

When assigning users to the Enterprise Application you’ll now have the option to choose a role.

DMARCwise will assign and sync this role to the user when the user logs in with SSO.