SSO with Azure AD SAML

Azure AD SAML Integration with LeanIX SMP



Instruction on this page is valid for the SaaS Management Product (SMP) product only. If you want to implement a single sign-on (SSO) for Enterprise Architecture Management (EAM) and Value Stream Management (VSM), please go here.

Create a new Enterprise Application in AzureAD

  1. Login to your Microsoft Azure Active Directory and go to Enterprise Applications, click New Application
  1. Select Create your own application
  1. Enter LeanIX SMP to name field and select Integrate any other application you don’t find in the gallery and then click Create
  1. When LeanIX SMP enterprise application is added select 2. Set up single sign on.
  1. Then select SAML single sign-on method
  1. For Set up Single Sign-On with SAML step you will need data from LeanIX SMP settings. Select Custom (SAML) option for Single Sign On.

In Azure AD select Edit under Basic SAML Configuration:
● Copy Identifier (Entity ID) value from LeanIX SMP and paste it in Azure AD field Identifier (Entity ID) field and set it as Default.
Copy Reply URL value from LeanIX SMP and paste it in Azure AD field Reply URL (Assertion Consumer Service URL) and set it as Default.
● Copy Single Sign On URL value from LeanIX SMP and paste it under Sign on URL.

Click Save.

  1. Under SAML Signing Certificate download the Federation Metadata XML as you will need to upload this file into LeanIX SMP.


  1. In Account settings SSO settings in LeanIX SMP, select Custom (SAML) and upload the file you downloaded before from Azure AD, under Provider metadata.
  1. Set Allowed domains (e.g. or from which are users allowed to sign in.
  2. Last, click on Enabled checkbox and Save changes for SAML button and
  3. You should be able to sign in to LeanIX SMP using AzureAD. In case of misconfiguration please use username/password to sign into LeanIX SMP to modify your configuration.

Did this page help you?