# Azure Active Directory ## Prerequisites Please have the **entity ID** (usually `appetizeio-saml`) and the **Assertion Consumer Service URL** (looks like `https://appetize.io/sso/example/cb`) you received from Appetize support. ## Azure Active Directory Setup In Azure Active Directory, go to Enterprise Applications. Create a new application. Choose a name for it (e.g. Appetize) and select "Integrate any other application you don't find in the gallery (Non-gallery).

List of enterprise apps. Click "New Application"

Choose a name, e.g. "Appetize" and choose Non-gallery

With the App created, click on "App roles". Create a role named "Appetize Admin" with value `appetize_admin`, and another role named "Appetize Developer" with value `appetize_developer`.

Creating the appetizeadmin app role. Repeat for appetize_developer.

Return to "Enterprise Applications" and choose "Appetize". Click "Users and groups" to authorize logging in. Click "Add user/group" and choose from your organization's existing users or groups. Select a role (Appetize Admin, Developer, or User) as appropriate. Save the assignment.

Go to Users and Groups for the Appetize application

Choose users and/or groups and assign them to the Admin, Developer, or User role

Click "Single sign-on" and click "SAML". Enter the entity ID and Assertion Consumer Service URL provided by Appetize support.

Enter values provided by Appetize support

On the next page, click the edit button next to "Attributes & Claims". Click "Add a new claim". Name: groups, Source: attribute, Source attribute: user.assignedroles. Save the claim.

Click Edit button next to Attributes & Claims

Name: groups. Source attribute: user.assignedroles

Return the SAML page and download the **"Federation Metadata XML" file**. Send this file to Appetize support. Alternative, you may send the **Certificate (Base64)** and the **Login URL**.

Download the Federation Metadata XML and send to Appetize support

Appetize will provision SSO for your account after receiving the information. If necessary, we may also schedule a call to test the integration. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.appetize.io/account/single-sign-on/azure-active-directory.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.