Configure SSO with Microsoft Entra ID

This guide covers the configuration steps required to integrate NeoLoad Web with Microsoft Entra ID. It's designed for collaboration between IdP administrators and NeoLoad Web administrators.

For general SSO concepts and additional configuration options, check out Single Sign-On.

Before you start

Make sure you meet the following prerequisites:

  • Administrative access to your Microsoft Entra ID tenant (opens in new tab).

  • Administrative access to NeoLoad Web.

  • The NeoLoad Web domain URL where users will access the application.

  • Understanding of SAML 2.0 authentication concepts.

Configure Microsoft Entra ID

To integrate NeoLoad Web with Microsoft Entra ID, you add NeoLoad Web to Microsoft Entra ID. For information on how to create applications in Microsoft Entra ID, check out the Microsoft Entra ID documentation (opens in new tab).

For NeoLoad Web, make sure you configure the following:

  • Identifier (Entity ID): Set to a unique value that you'll use in NeoLoad Web.

  • Reply URL (Assertion Consumer Service URL): Set to https://<your-NLW-domain>/sso/saml.

  • Sign on URL: Set to your NeoLoad Web login page.

  • firstName claim: Map to user.givenname.

  • lastName claim: Map to user.surname.

Configure NeoLoad Web

After configuring Microsoft Entra ID, set up the SSO configuration in NeoLoad Web:

  1. Sign in to NeoLoad Web as an administrator.

  2. Go to Settings > SSO and select Create.

  3. To upload the identity provider metadata, select IDP Metadata and paste the SAML metadata content that you downloaded from Microsoft Entra ID.

  4. Select Edit Configuration and set the SP Entity ID to match the identifier you configured in Microsoft Entra ID. Configure any required certificates and private keys for signing or encryption in PEM format.

  5. Choose Force authentication if you want users to authenticate each time they access NeoLoad Web.

  6. To validate the setup, select Test SAML request generation.

  7. Set the Activation status to Active. Double-check that the status indicator shows green, otherwise SSO won't function properly.

Troubleshoot common issues

If you encounter problems during setup or testing, verify the following things:

  • The Entity ID values match exactly between Microsoft Entra ID and NeoLoad Web.

  • The reply URL in Microsoft Entra ID matches your NeoLoad Web domain.

  • The required user attributes (firstName and lastName) are properly mapped in the SAML claims.

  • Users are assigned to the application in Microsoft Entra ID.

  • The SAML metadata you've pasted into NeoLoad Web is complete and accurate.