Entra ID Integration
This article describes the process of integrating Arnica with Microsoft Entra SSO
Entra integration instructions
By integrating Arnica with Entra single sign on (SSO) you can ensure that all users authenticating with Arnica are doing so through your organizations-managed Entra provisioning and de-provisioning. The setup of the integration requires taking steps on Arnica and Entra. Below are the details.
Get organization identified in Arnica
Sign into Arnica https://app.arnica.io/ and click on your avatar.
Select Edit Account
Copy the Organization ID (we will call it
YOUR_ARNICA_ORGANIZATION_ID
in the next steps in this guide).

Add app integration in Entra
The following steps must be completed by a Cloud Application Administrator, or owner of the service principal:
Navigate to Microsoft's Entra admin center via the following URL: https://entra.microsoft.com/. This page will result in a 401 error if you do not have permissions.
Click on Add and select Enterprise Application.

You will then be redirect to Microsoft's Entra Gallery. Choose the option to Create your own application.

Name the integration Arnica and choose the option to integrate with a non-gallery application.

Under Getting Started select Set up single sign on.

Choose SAML as the Single sign-on method.

Basic SAML configuration A. Identifier (Entity ID): enter
urn:auth0:arnica-prod:{YOUR_ARNICA_ORGANIZATION_ID}
B. Reply URL: enterhttps://arnica-prod.us.auth0.com/login/callback?connection={YOUR_ARNICA_ORGANIZATION_ID}
C. Leave the other fields with their default value.

In “Attribute Statements”: add the following mappings (These statements may be included by default)
emailaddress
SAML
user.mail
givenname
SAML
user.givenname
surname
SAML
user.surname
email_verified
SAML
true

In "Add a Group Claim": add the following mapping: a. Set Group association to "Groups assigned to the application" b. Change Source attribute to "Cloud-only group display names"

⚠️ IMPORTANT: This configuration will only pass groups that have been assigned to the Arnica SAML application.
SAML Certificates A. Download a copy of your signing certificate (Base64) B. Copy your login URL

Send the following to [email protected] the following information.
Subject: SSO Onboarding Request
Email domain: the domain for which you would like to setup SSO, e.g., yourcompany.com
Arnica Organization ID: your arnica organization ID obtained earlier.
Login URL: the Login URL from the step above.
Attach the Signing Certificate from the step above.
Leave a contact phone number and available times for Arnica’s customer success to help with the onboarding process.
We are typically fast at responding to these requests, but please allow up to 1-2 business days to get confirmation.
Last updated
Was this helpful?