Netskope Help

Configure an Enterprise Application in Microsoft Azure Active Directory using SAML
  1. Log in to the Microsoft Azure portal.

  2. Select Azure Active Directory:

    image1.jpeg
  3. Select Enterprise applications:

    image2.png
  4. Select New application:

    image3.jpeg
  5. Select Non-gallery application:

    image4.png
  6. Enter a name for the application and click Add.

    image5.png
  7. Select Single sign-on and then SAML.

    image6.jpeg
  8. Click the pencil icon in the Basic SAML Configuration.

    image7.jpeg
  9. You will need URLs and information from Netskope at this point. Login to your tenant and go to Settings in the bottom of the left panel.

    image8.png
  10. Click Administration and then SSO.

    image9.jpeg
  11. Copy the string from Service Provider Entity ID under the Netskope Settings section. The string should be similar to Cdc7athjXYFU06mul.

    image10.png
  12. In the Azure Portal, paste that string into the Identifier (Entity ID) field:

    image11.jpeg
  13. Copy the URL from the Assertion Consumer Service URL. The URL should be similar to https://<tenantname>.goskope.com/saml/acs

    image12.png
  14. Paste the URL into the field for Reply URL (Assertion Consumer Service URL).

    image13.png
  15. Click the pencil icon for User Attributes & Claims:

    image14.jpeg
  16. Click Add new claim:

    image15.png
  17. This pane is for the user attribute that will be passed to Netskope representing the admin role. Enter admin-role in the Name Field. You have two options for the Source Attribute field:

    1. If you want all users to have the same role then set this to a constant such as “Tenant Admin".

      image16.png
    2. If you want to assign users individual admin roles then set the Source attributed to user.assignedroles. You will need to define the admin roles as described in the section Define Custom Roles for Azure Active Directory Enterprise Application.

      image17.png
  18. Download the SAML Signing Certificate in Base64 format:

    image18.jpeg

    Save this for Step 6 in the next section, Configure SSO Settings in the Netskope UI.