Docs » About SSO integrations for Splunk Observability Cloud » Configure an Azure Active Directory (Azure AD) SSO integration

Configure an Azure Active Directory (Azure AD) SSO integration πŸ”—

The Microsoft Azure Active Directory (Azure AD) integration lets users log in to Observability Cloud using their Azure AD account.

Before you begin configuring the Azure AD integration, ensure you have completed the steps in Configure SSO integrations for Splunk Observability Cloud, including the section Name an SSO integration to learn about naming your integrations.

To configure an Azure AD SSO integration, you must be an administrator for your organization. To learn more, see Grant and revoke administrative access.

Note

The procedure for creating multiple integrations for Azure AD is different from the procedure for creating a single integration.

Configure Azure AD for a single organization πŸ”—

For instructions, see Tutorial: Azure Active Directory single sign-on (SSO) integration with SignalFx on the Microsoft documentation website.

Configure Azure AD for multiple organizations πŸ”—

  1. In a new browser tab or window, access Tutorial: Azure Active Directory single sign-on (SSO) integration with SignalFx on the Microsoft documentation website.

  2. After you complete step 7, do the following:

    1. In the Azure AD integration tile, select Integration-specific Entity ID.

    2. Copy the URI that appears next to check box, so you can use it in steps 4a and 4b of the section Step 3: Configure Azure AD SSO.

  3. When you reach step 4a and 4b of Step 3: Configure Azure AD SSO, use the integration-specific entity ID you copied from Observability Cloud instead of the URLs listed in the instructions.

  4. Proceed with the rest of the instructions.

After you complete these steps, the Azure AD SSO integration is available to users in your Azure AD organization. When users sign in to Observability Cloud from Azure AD for the first time, they receive an email containing a link that they must open in order to authenticate. This only occurs the first time the user signs in. Subsequent login attempts don’t require validation.

If you want to turn off the email authentication feature, contact Splunk Observability Cloud support.

Once you have a custom URL configured, your users can continue to log in using their existing username/password pair, or they can use their Azure AD credentials instead. Azure AD SSO authentication and Observability Cloud username/password authentication are independent.

Report an issue πŸ”—

Before you create an issue or open a support request, try gathering the following information:

  • What happened and the impact of the issue.

  • All the steps you’ve followed until the issue appeared.

  • What was the expected outcome.

  • Your attempts to solve the issue, including workarounds.

  • The operating system, runtime or compiler version, libraries, frameworks, and application servers of your environment, including your instrumentation settings.

  • Debug logs and other logs that might help troubleshoot the issue.

To get help, see Splunk Observability Cloud support.