Configuring Microsoft Entra ID (Azure Active Directory) Integration with SAML

This guide shows you how to configure Microsoft Entra ID (Azure Active Directory) and Acunetix Premium+ for Single Sign-On.

Microsoft Entra ID (previously called Azure Active Directory) is a universal platform designed to protect and manage access to identities. The Entra ID service provides Single Sign-On (SSO) access to apps and services from anywhere.

Single Sign-On Fields

This table lists and explains the Single Sign-On fields.

How to configure Entra ID with SAML

There are two parts to this procedure:

• Part 1: Add Acunetix to Azure AD
• Part 2: Configure Azure AD Single Sign-On with SAML

How to add Acunetix to Azure AD 

1. Log in to the Azure Portal.
2. Select the Azure Active Directory.
3. From the Enterprise Applications page, select + New application.
4. From the Browse Azure AD Gallery page, select + Create your own application.

5. On the right panel, enter a name for your application in the input name field. (You can enter any name you want. For this example, we use Acunetix.)
6. Select Integrate any other application you don't find in the gallery (Non-gallery).

7. Click Create to add the application.

Wait for a while, so the app is added to your tenant.

You can now configure Azure AD Single Sign-On Integration with SAML. To do this, you need an Acunetix and Azure account.  

How to configure Azure Active Directory Single Sign-On with SAML

1. Log in to the Azure Portal.
2. Select Enterprise applications.

3. From the Enterprise Applications page, select Acunetix.
4. Select Set up Single Sign-On, then SAML.
5. On the Set up Single Sign-On with SAML page, click the pencil icon for Basic SAML Configuration to edit the settings.
6. Open another tab, and log in to Acunetix.
7. From the main menu, select Settings > Users & Access >SSO.
8. Turn on the Enable SSO toggle.
9. Select AzureAD from the SSO Provider drop-down list.
10. Copy the URL from the SAML 2.0 Service URL field.

11. Switch to the Azure AD tab and click Edit in the Basic SAML Configuration section.
12. Paste the copied SAML 2.0 Service URL into the Reply URL field.
13. Switch to the Acunetix tab. Copy the URL from the Identifier field.
14. Switch to the Azure AD tab. Paste the URL into the Identifier field.
15. Select Save.

16. Ensure that the Attributes & Claims section is set according to the image below. Click Edit if you need to adjust any of the parameters to match the image below.

17. In the Azure AD tab, copy the URL from the Microsoft Entra Identifier field and paste this URL into the IdP Identifier field in Acunetix.
18. In Azure AD, copy the URL from the Login URL field and paste this URL into the SAML 2.0 Endpoint field in Acunetix.

19. In Azure AD, download the Certificate (Base64). Open the certificate with a text editor.

20. Copy the content of the certificate into the X.509 Certificate field in Acunetix.
21. In Acunetix, select Sign requests, then choose either:

• Generate a new certificate for me; OR
• I have an existing certificate, then upload your certificate and enter the certificate password.

22. In Azure AD, click the ellipses in the Verification certificates (optional) section.

23. Enable the Require verification certificates checkbox.
24. Click the upload icon next to Upload certificate and select your certificate from step 21. Then click Save.

25. Return to your Acunetix SSO page and use the SSO Exemptions drop-down to select any users you want to exempt from SSO. Doing this means the selected users must log in to Acunetix via password.
26. Click Save to complete the configuration.

Acunetix informs you that the SSO configuration is saved.

You can now add users to your app on Azure AD, so they can log in to Acunetix. To do so, go to Users and groups on Azure AD.

To view the Microsoft documentation on this integration, refer to Tutorial: Azure Active Directory single sign-on (SSO) integration with Acunetix 360.