Microsoft Entra ID (Azure AD) and Gearset setup

Steps for configuring SSO when you are using Microsoft as the identity provider.

Mark Allan avatar
Written by Mark Allan
Updated over a week ago

This article is specific to using Microsoft Entra for SAML SSO and explains how to configure Microsoft Entra and Gearset to work together. It should be read alongside the general SAML SSO documentation.

Note: SAML SSO is only supported on the Deployment Enterprise and Data Backup Enterprise tiers. SAML user accounts are new, distinct accounts and cannot be linked to old accounts e.g. Google, Salesforce. Connections, jobs and other settings will need to be recreated.

Create an application for Gearset SSO in Microsoft Entra

(If you already have a suitable application set up, skip to the next section)

Go to Microsoft Entra admin center -> Enterprise applications -> New application

Click on Create your own application, enter a name for the application (for example "Gearset SSO"), select Integrate any other application you don't find in the gallery and then click Create.

Once the application is created, select Single sign-on and SAML.

This will leave you at the SAML configuration screen:

Configure the Microsoft Entra application

At this point, also open the Single sign-on page in Gearset in a separate tab.

In section 1 (Basic SAML configuration):

  • Set Identifier (Entity ID) to Gearset's Entity ID

  • Set Reply URL (Assertion Consumer Service URL) to Gearset's Assertion Consumer Service (ACS) URL

In section 2 (Attributes & Claims):

Configure Gearset single sign-on

Still in Microsoft Entra, click the Edit button in section 3 (SAML Certificates) and download the certificate in Base64 format.

In the Gearset Single sign-on page, locate the Identity Provider section. Copy and paste the contents of the downloaded certificate file into the Active Signing Certificate text box.

Finally, in the same section:

  • Set Issuer ID to the Microsoft Entra application's Microsoft Entra ID Identifier

  • Set Identity Provider Single sign-on URL to the Microsoft Entra application's Login URL

Save changes in both Microsoft Entra and Gearset. You should now be able to assign users to the Microsoft Entra application and sign in to Gearset with these users.

Did this answer your question?