# Entra ID

This page provides step-by-step instructions for setting up Entra ID as your identity provider for Single Sign-On (SSO) in BirdCRM using SAML.

**Configuration overview:**

[Step 1: Start Entra ID](#entra-id-steps) – Begin by setting up specific configurations within your Entra ID account.

[Step 2: BirdCRM Steps](#birdcrm-steps) – Follow the required steps within BirdCRM to integrate with Entra ID.

[Step 3: Finalize Entra ID](#finalize-entra-id-steps) – Complete the configuration by finalizing settings in Entra ID.

### Entra ID Steps

1. Navigate to Enterprise Applications in Entra ID and click on New application.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2F46UMbFV26A6ZGVCn58fM%2Funnamed.png?alt=media&#x26;token=092acd55-5b49-40af-abfc-a1edb49e4a4b" alt=""><figcaption></figcaption></figure>

2. Click on **Create your own application**.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2FI9TSNwRLVerishE8ISA9%2Funnamed-1.png?alt=media&#x26;token=1614bd09-08e8-486b-9258-dbcf493dd05b" alt="" width="563"><figcaption></figcaption></figure>

3. Give the application a name such as BirdCRM, select **Integrate any other application you don’t find in the gallery (Non-gallery)**, and click **Create**.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2FzmMFnqegBhwVjeqzv8PQ%2Funnamed-2.png?alt=media&#x26;token=fc86f6d5-b1df-45f9-83ae-e20cd4e339aa" alt="" width="563"><figcaption></figcaption></figure>

4. Click on '**2 Setup single sign on**'.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2F1qnBySJzFWfUcKPOigdj%2Funnamed.png?alt=media&#x26;token=e64145fa-d694-44e4-9866-1f2865c87d18" alt=""><figcaption></figcaption></figure>

5. Click on **SAML**.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2F1QMNSWioH75BCj8fkdZ9%2Funnamed-1.png?alt=media&#x26;token=8bd0081d-2f64-44c1-8b64-19dbd66cfe11" alt=""><figcaption></figcaption></figure>

6. Scroll down to section 3 '**SAML Certificates**' and click copy on the **App Federation Metadata Url**. You will need this URL to set up SAML in BirdCRM in the next section.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2FcH51b2dOfBy2cqaGggjk%2Funnamed-2.png?alt=media&#x26;token=9a451b68-54a0-4d50-86f3-0927cced1b3c" alt=""><figcaption></figcaption></figure>

### BirdCRM Steps

1. Navigate to the **Access Settings** in BirdCRM located [here](https://app.bird.com/settings/security/access-settings) and click on **Set up SSO** and select **SAML**.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2FuCeFaiDpYf8Is8vyir6y%2Funnamed-3.png?alt=media&#x26;token=5b83e596-106a-47bb-a701-28ec69787e94" alt=""><figcaption></figcaption></figure>

2. Enter a name for your SSO connection in BirdCRM and paste the metadata URL in the File URL text box and click Confirm.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2FscdMGr2QtCY6no6lirHa%2Funnamed-4.png?alt=media&#x26;token=cd2393d8-c3e7-431b-bd5f-abab63c1c3e2" alt="" width="375"><figcaption></figcaption></figure>

{% hint style="success" %}
Your SAML integration is now saved.
{% endhint %}

*The next steps are to add one or more domains that you can log in with and to retrieve the values required to complete the Entra ID settings. The order is not important, but these instructions perform the domain validation first and then retrieve the values to use in Entra ID.*

3. To start with, select your **SSO integration** and click on **View**.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2F4s3ZDDYzD8I6WJ9OlWrE%2Funnamed-5.png?alt=media&#x26;token=b93e0887-68ec-4855-912f-0860c3a6d6e5" alt=""><figcaption></figcaption></figure>

4. Now we will validate the domain(s) that you will log in with from Entra ID. First click on the **Domain Validation** button available when viewing your SSO integration.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2F46f4BlgKIaFHskQ4hdn2%2Funnamed-6.png?alt=media&#x26;token=3b565973-00e9-4d63-b468-89b221f927eb" alt="" width="563"><figcaption></figcaption></figure>

5. Enter the company domain name that you log in with (e.g. companyname.com) and click **Create**.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2FqjStCshoRpykk59SMGHn%2Funnamed-7.png?alt=media&#x26;token=c90dcc5a-9fe4-449f-8d83-66674db13769" alt="" width="563"><figcaption></figcaption></figure>

6. You will then be presented with a unique string under the **Challenge** column that needs to be placed as a TXT record in your domain. If you are unsure how to add a TXT record, please consult your DNS provider.
7. Once you have added the TXT record to verify your domain, you can select **Verify**.
8. If the TXT record was added correctly, the **Status** will then show as **Verified**.
9. Now we can get the final details to complete the Entra ID configuration. Click on **Details** in the SSO configuration.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2F9PxaFLYOaQq7PKSehc21%2Funnamed-8.png?alt=media&#x26;token=6af4ade1-345f-43b1-a3d2-57e7a6cec1e4" alt="" width="375"><figcaption></figcaption></figure>

10. From this screen you will need to take a copy of the **Single Sign On URL** and the **Audience URI** fields which will be used to complete your Entra ID configuration.

### Finalize Entra ID Steps

1. From the Single Sign-On section of your BirdCRM application in Entra ID, click on the Edit button under the Basic SAML Configuration box.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2Fw5MJiC3OXaO9T0QtssXD%2Funnamed.png?alt=media&#x26;token=1a14e057-e82d-4e9f-ad82-12f1cfc0622e" alt=""><figcaption></figcaption></figure>

2. Fill out the Audience URI you copied from BirdCRM in the **Identifier (Entity ID)** field and the **Single Sign On URL** you copied from BirdCRM in the **Reply URL** field. You can leave the other fields blank. Click on **Save**.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2FeDzBOHhBwzihmNBv6zmr%2Funnamed-1.png?alt=media&#x26;token=563af2f8-6d8a-404e-b059-1ba7df9cbb55" alt=""><figcaption></figcaption></figure>

3. Click on the **Edit** button under **Attributes & Claims**.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2FrYj6VJA8xo547jyvZ4Du%2Funnamed-2.png?alt=media&#x26;token=e505938c-c354-4e6b-9491-03ef8f9077d9" alt=""><figcaption></figcaption></figure>

4. Click on **Add new claim** and enter email as the **Name** and user.userprincipalname as the **Source attribute** and click **Save**.

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2FjnZKqC4F34Zb05NlMapV%2Funnamed-3.png?alt=media&#x26;token=17c73a21-4d50-4199-9207-8a430ea67c71" alt=""><figcaption></figcaption></figure>

5. Repeat and **add another claim**: enter name as the **Name** and user.givenname as the **Source attribute**, then click **Save**.
6. Remove any other Additional claims by clicking on the three dots menu for each claim and clicking Delete. Once you have removed the extra default claims, your **Attributes & Claims** section should look like this. *Please note that name can be set to another value if necessary but it must have a value associated with it for each user.*

<figure><img src="https://3861485111-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FU9kiDiTGVD8kkbnKKyEn%2Fuploads%2FxUdwb1k319qvHAdt89xX%2Funnamed-4.png?alt=media&#x26;token=ba9d0cbd-8f7d-4a13-81c3-1cd0aec31ee1" alt=""><figcaption></figcaption></figure>

7. You have now completed the Entra ID SSO setup. Make sure that you assign the application to your users and groups as required.
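
To confirm the mapping before rolling out to users, you can capture a test SAML response and check it against the values configured above. The following is an added example, not BirdCRM or Microsoft code: the URLs are placeholders for the values on your BirdCRM **Details** screen, the sample responses are constructed, and it assumes the claims were created without a namespace. It checks configuration only and does not verify the response signature.

```python
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Placeholders (assumptions): use the values from the BirdCRM Details screen.
AUDIENCE_URI = "https://sp.example.invalid/saml/audience"
SSO_URL = "https://sp.example.invalid/saml/acs"
VERIFIED_DOMAINS = {"companyname.com"}  # domains verified via the TXT challenge

def check_response(xml_text, audience=AUDIENCE_URI, sso_url=SSO_URL,
                   domains=VERIFIED_DOMAINS):
    """List configuration problems in a decoded SAML Response.
    Does NOT verify the XML signature; it only checks the mapped values."""
    root = ET.fromstring(xml_text)
    problems = []
    auds = [e.text for e in root.findall(".//a:Audience", NS)]
    if auds != [audience]:
        problems.append(f"Audience {auds} does not match Identifier (Entity ID)")
    rcpts = {e.get("Recipient")
             for e in root.findall(".//a:SubjectConfirmationData", NS)}
    if rcpts != {sso_url}:
        problems.append(f"Recipient {sorted(map(str, rcpts))} does not match Reply URL")
    attrs = {a.get("Name"): [v.text or "" for v in a.findall("a:AttributeValue", NS)]
             for a in root.findall(".//a:Attribute", NS)}
    for required in ("email", "name"):  # the two claims this guide creates
        if not any(v.strip() for v in attrs.get(required, [])):
            problems.append(f"claim '{required}' is missing or empty")
    extra = sorted(set(attrs) - {"email", "name"})
    if extra:
        problems.append(f"default claims still emitted: {extra}")
    for email in attrs.get("email", []):  # UPN-sourced; guest UPNs fail this check
        if email.rpartition("@")[2].lower() not in domains:
            problems.append(f"email '{email}' is outside the verified domains")
    return problems

def sample(audience, recipient, claims):
    """Build a minimal unsigned SAML Response (constructed test data)."""
    attrs = "".join(
        f'<a:Attribute Name="{n}"><a:AttributeValue>{v}</a:AttributeValue></a:Attribute>'
        for n, v in claims.items())
    return (f'<p:Response xmlns:p="{NS["p"]}" xmlns:a="{NS["a"]}"><a:Assertion>'
            f'<a:Subject><a:SubjectConfirmation><a:SubjectConfirmationData '
            f'Recipient="{recipient}"/></a:SubjectConfirmation></a:Subject>'
            f'<a:Conditions><a:AudienceRestriction><a:Audience>{audience}</a:Audience>'
            f'</a:AudienceRestriction></a:Conditions>'
            f'<a:AttributeStatement>{attrs}</a:AttributeStatement>'
            f'</a:Assertion></p:Response>')

if __name__ == "__main__":
    ok = sample(AUDIENCE_URI, SSO_URL, {"email": "alex@companyname.com", "name": "Alex"})
    print(check_response(ok) or "configuration matches")
```

Because the email claim is sourced from user.userprincipalname, accounts whose UPN is not in a verified domain (for example guest users) are reported by the last check.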
