Configuring Single Sign-On (SSO) with Entra ID (Formerly Microsoft Azure) for Brightflag Clients

Brightflag supports Single Sign-On (SSO) integration with Entra ID (formerly Microsoft Azure Active Directory - Azure AD). This integration allows users to seamlessly access Brightflag without requiring manual authentication.

Your Brightflag Implementation Manager or Customer Success Manager (CSM) can assist with setup if needed.

Setting Up an Entra ID (Azure) Application

• Go to Microsoft Entra ID Portal.
• Click on MS Entra ID.
• Navigate to Enterprise Applications.
• Click on New Application.
• Click Create your own application.
• Enter Brightflag as the Application Name.
• Select "Integrate any other application you don’t find in the gallery (Non-gallery)".
• Click Create.

Step 2: Configuring the SSO Connection

Once the application is created, configure it based on your company's Brightflag region.

Region-Based SSO Configuration

📌 Replace COMPANY_NAME with your company's name.

Step 3: Configuring Attributes for Authentication

1. Go to Attributes Settings.
2. Ensure the following case-sensitive attributes are configured:

⚠️ Important:

• If these attributes are not included in the request, authentication will fail.
• Case sensitivity matters—ensure that the attribute names match exactly.

Step 4: Sending Federation Metadata to Brightflag

Once configuration is complete:

1. Return to the App Connection Page in Entra ID.
2. Click Download Federation Metadata XML.
3. Send the XML file to Brightflag Support for final setup.