Arnica Documentation
  • Introduction
  • Getting Started
    • 🔑Sign Up
    • ▶️SCM Integrations
      • Azure DevOps
      • Bitbucket Cloud
      • Bitbucket Server & Datacenter
      • Github
        • GitHub Audit Logs
        • Github App Permissions
      • Gitlab
    • 📤ChatOps
      • Microsoft Teams
      • Slack
        • Adding Arnica to a New Channel
        • Interacting With the Arnica Slackbot
    • 🎫Ticket Management
      • 🐛Jira Integration
      • 📋ADO Boards Integration
    • 🧠Artificial Intelligence
      • Azure OpenAI
      • OpenAI ChatGPT
    • 🏨On Premise Integrations
  • Inventory
    • 💼Identities, Repositories & Organizations
    • 📇Software Bill of Materials (SBOM)
    • 🦄Prioritization & Product Ownership
  • Hardcoded Secrets
    • 🕵️Secret Detection
    • ⏪Realtime Secret Mitigation
    • 🥕Secrets Policy Settings
  • Code Risks
    • 🎼Static Application Security Testing (SAST)
      • Custom SAST Rules
    • 🧩Software Composition Analysis (SCA)
    • 🔡3rd Party Package Licenses
      • Override License Classifications
    • 🤹3rd Party Package Reputation
      • Identifying Low Rep Packages
      • How to Find Alternative Packages
    • ⛅Infrastructure as Code Security (IaC)
    • 🤖Code Risk Policy Settings
      • Developer Feedback On Push
      • Require Review Before Dismissal
      • 0 New High Severity Vulnerabilities
      • Enforce Remediation SLA
    • 🪄Code Risk Magic Links
    • 📦Code Risk Language and Framework Support
  • Platform Operations
    • 🚪Joining an Existing Org
    • ❌Deleting a Tenant
    • 🫂How do I invite members to my tenant?
      • New User Invitations
    • 👥Users & Roles
    • 🔇Deleting Integrations
    • ⌛Scheduled Jobs
      • How often do Jobs run?
    • 💸Billing
  • Security
    • 🎮Role Based Access Control (RBAC)
    • 🛡️Data Handling
    • 🏛️SSO Integration
      • Okta Integration
      • Entra ID Integration
Powered by GitBook
On this page
  • Entra integration instructions
  • Get organization identified in Arnica
  • Add app integration in Entra

Was this helpful?

  1. Security
  2. SSO Integration

Entra ID Integration

This article describes the process of integrating Arnica with Microsoft Entra SSO

PreviousOkta Integration

Last updated 3 months ago

Was this helpful?

Entra integration instructions

By integrating Arnica with Entra single sign on (SSO) you can ensure that all users authenticating with Arnica are doing so through your organizations-managed Entra provisioning and de-provisioning. The setup of the integration requires taking steps on Arnica and Entra. Below are the details.

Get organization identified in Arnica

  1. Sign into Arnica and click on your avatar.

  2. Select Edit Account

  3. Copy the Organization ID (we will call it YOUR_ARNICA_ORGANIZATION_ID in the next steps in this guide).

Add app integration in Entra

The following steps must be completed by a Cloud Application Administrator, or owner of the service principal:

  2. Click on Add and select Enterprise Application.

  1. You will then be redirect to Microsoft's Entra Gallery. Choose the option to Create your own application.

  1. Name the integration Arnica and choose the option to integrate with a non-gallery application.

  1. Under Getting Started select Set up single sign on.

  1. Choose SAML as the Single sign-on method.

  1. Basic SAML configuration A. Identifier (Entity ID): enter urn:auth0:arnica-prod:{YOUR_ARNICA_ORGANIZATION_ID} B. Reply URL: enter https://arnica-prod.us.auth0.com/login/callback?connection={YOUR_ARNICA_ORGANIZATION_ID} C. Leave the other fields with their default value.

  1. In “Attribute Statements”: add the following mappings (These statements may be included by default)

Name
Type
Value

emailaddress

SAML

user.mail

givenname

SAML

user.givenname

surname

SAML

user.surname

email_verified

SAML

true

  1. In "Add a Group Claim": add the following mapping: a. Set Group association to "Groups assigned to the application" b. Change Source attribute to "Cloud-only group display names"

⚠️ IMPORTANT: This configuration will only pass groups that have been assigned to the Arnica SAML application.

  1. SAML Certificates A. Download a copy of your signing certificate (Base64) B. Copy your login URL

    1. Subject: SSO Onboarding Request

    2. Email domain: the domain for which you would like to setup SSO, e.g., yourcompany.com

    3. Arnica Organization ID: your arnica organization ID obtained earlier.

    4. Login URL: the Login URL from the step above.

    5. Attach the Signing Certificate from the step above.

    6. Leave a contact phone number and available times for Arnica’s customer success to help with the onboarding process.

    7. We are typically fast at responding to these requests, but please allow up to 1-2 business days to get confirmation.

Navigate to Microsoft's Entra admin center via the following URL: . This page will result in a 401 error if you do not have permissions.

Send the following to the following information.

🏛️
https://entra.microsoft.com/
support@arnica.io
https://app.arnica.io/