---
title: "Fortanix DSM with Microsoft Entra ID for SAML Authentication"
slug: "using-fortanix-data-security-manager-with-microsoft-entra-id"
updated: 2026-04-01T07:59:11Z
published: 2026-03-17T08:34:48Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://support.fortanix.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Fortanix DSM with Microsoft Entra ID for SAML Authentication

## 1.0 Introduction

This article describes the steps to integrate **Fortanix-Data-Security-Manager (DSM)**with **Microsoft Entra ID** using a **Security Assertion Markup Language (SAML)**configuration for **Single Sign-On (SSO)**-based authentication.

It also covers the following details:

- Creating a new Microsoft Entra ID application and configuring it with SAML for secure authentication.
- Adding SAML authentication to an existing Enterprise application in Microsoft Entra ID.

## 2.0 Prerequisites

Ensure you have the following:

- An active Azure subscription with administrator (admin) permissions in Microsoft Entra ID.
- Admin access to Fortanix DSM for configuring SAML-based SSO.
- An existing Enterprise application already set up in Microsoft Entra ID.

## 3.0 Create a New Entra ID Application with SAML

Perform the following steps to create a new Microsoft Entra ID application and configure it with SAML for secure authentication:

1. Log in to the [Azure Portal](https://portal.azure.com).
2. From the Azure home page, navigate to **Microsoft Entra ID**. You will find it under Azure services or in the left navigation menu.

![A screenshot of a computer  AI-generated content may be incorrect.](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/using-fortanix-data-security-manager-with-microsoft-entra-id-image-qqde17yn.png)

**Figure 1: Access Microsoft Entra ID**
3. Select **Enterprise applications** under the **Manage** menu.

![A screenshot of a computer  AI-generated content may be incorrect.](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/using-fortanix-data-security-manager-with-microsoft-entra-id-image-46kf4ika.png)

**Figure 2: Select Enterprise Applications**
4. Click **New Application**.

![A screenshot of a computer  AI-generated content may be incorrect.](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/using-fortanix-data-security-manager-with-microsoft-entra-id-image-x5dw9c0l.png)

**Figure 3: Create a new application**
5. Click **Create your own application** in the upper-left corner of the page.

![A screenshot of a computer  AI-generated content may be incorrect.](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/using-fortanix-data-security-manager-with-microsoft-entra-id-image-jw37uhzo.png)

**Figure 4: Create your own application**
6. On the **Create your own application** form:

![A screenshot of a computer  AI-generated content may be incorrect.](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/using-fortanix-data-security-manager-with-microsoft-entra-id-image-2uecx239.png)

**Figure 5: Add a name to the application**
  1. Enter the name of the application.
  2. Ensure **Integrate any other application you don’t find in the gallery** (**Non-gallery**) is selected.
  3. Click **Create** to add a new application.
7. On the application’s **Overview** page, select **Single Sign On** from the **Manage** menu.

![A screenshot of a computer  AI-generated content may be incorrect.](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/using-fortanix-data-security-manager-with-microsoft-entra-id-image-w4p5jsx8.png)

**Figure 6: Select SSO**
8. Select **SAML** from the available SSO methods.

![A screenshot of a computer  AI-generated content may be incorrect.](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/using-fortanix-data-security-manager-with-microsoft-entra-id-image-vthtv6wz.png)

**Figure 7: Select SAML**
9. Fill the required fields on the **SAML-based Sign-on** page and click **Test**. To verify the configuration.

![A screenshot of a computer  AI-generated content may be incorrect.](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/using-fortanix-data-security-manager-with-microsoft-entra-id-image-noduwrsx.png)

**Figure 8: SAML-based sign-on**

Where,
  - In the **Identifier (Entity ID)** field, enter the value in the following format: `https://&lt;fortanix_dsm_url&gt;/saml/metadata.xml` . For example, `https://amer.smartkey.io/saml/metadata.xml`.
  - In the **Reply URL (Assertion Consumer Service URL)** field, enter the value in the following format: `https://&lt;fortanix_dsm_url&gt;/saml/`. For example, `https://amer.smartkey.io/saml/`.
  - In **SAML Certificates** section, provide a **Notification Email**address and add a new certificate. Activate the certificate and save.
  - Download the **Federation Metadata XML**file. Open the file in a text editor and copy the complete XML content. This will be required later in Fortanix DSM for SAML configuration.

> [!NOTE]
> NOTE
> 
> You cannot create additional Entra ID applications with SAML; however, you can modify the existing **Identifier (Entity ID)** and **Reply URL**URLs and related settings.
  - If the **Identifier (Entity ID)** and **Reply URL**URLs are changed, a new SAML certificate must be generated and activated, and the old certificate must be deleted.

## 4.0 Configure Microsoft Entra ID SSO in Fortanix DSM

Perform the following steps to integrate Fortanix DSM with Microsoft Entra ID using SAML configuration:

1. Log in to the Fortanix DSM.
2. In the Fortanix DSM user interface (UI), navigate to **Settings**→ **AUTHENTICATION**tab, and select **SINGLE SIGN-ON** as the authentication method.
3. Click **ADD SAML INTEGRATION** to add a new SAML integration.

![](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/SSO-Screen-1(1).png)

**Figure 9: Add SAML SSO**
4. On the **Add SAML integration** page:
  1. Click **UPLOAD A FILE** to browse and upload the SAML file downloaded in *Step 9*of [*Section 3.0: Create a New Entra ID Application with SAML*](/v1/docs/using-fortanix-data-security-manager-with-microsoft-entra-id#30-create-a-new-entra-id-application-with-saml)**or directly paste the XML content saved previously in the text field.
  2. **SSO Title:**Add a customized SSO name.
  3. **Logo URL**: Add a URL for the logo image.
  4. Click **ADD INTEGRATION**.

![A screenshot of a computer  AI-generated content may be incorrect.](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/using-fortanix-data-security-manager-with-microsoft-entra-id-image-6cmu9txy.png)

**Figure 10: SAML SSO is added**
5. After successfully integrating with Microsoft Entra ID SSO, Fortanix DSM displays the configured SSO.

![A screenshot of a computer  AI-generated content may be incorrect.](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/using-fortanix-data-security-manager-with-microsoft-entra-id-image-yy12h3o7.png)

**Figure 11: SCIM SSO configured**

## 5.0 Test the Integration

Perform the following steps to verify the SSO integration:

1. Log out of Fortanix DSM to sign in using SSO.
2. On the Fortanix DSM **Login**screen, click the **LOG IN WITH MICROSOFT ENTRA ID**to log in using the newly added SSO configuration.

![A screenshot of a computer  AI-generated content may be incorrect.](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/using-fortanix-data-security-manager-with-microsoft-entra-id-image-ir0971ah.png)

**Figure 12: Test the integration**
3. The Microsoft Azure login page appears. Enter the SSO user credentials to log in and follow the steps.

![A screenshot of a computer  AI-generated content may be incorrect.](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/using-fortanix-data-security-manager-with-microsoft-entra-id-image-zvag6ht2.png)

**Figure 13: Log in to the Microsoft Entra page**
4. You will now be automatically logged in to Fortanix DSM and reach the Fortanix DSM accounts page.

## 6.0 Add SAML to an Existing Enterprise Application

If an Enterprise application already exists in Microsoft Entra ID, perform these steps to add SAML to it:

1. In Microsoft Entra ID, open your Enterprise application.
2. Perform *Steps 7 to 9* in [*Section 3.0: Create a New Entra ID Application with SAML*](/v1/docs/using-fortanix-data-security-manager-with-microsoft-entra-id#30-create-a-new-entra-id-application-with-saml)*.*

After adding the SAML to an existing application:

1. Perform the steps mentioned in [*Section 4.0: Configure Microsoft Entra ID SSO in Fortanix DSM*](/v1/docs/using-fortanix-data-security-manager-with-microsoft-entra-id#40-configure-microsoft-entra-id-sso-in-fortanix-dsm) to set up the SSO in Fortanix DSM.
2. Perform the steps mentioned in [*Section 5.0: Test the Integration*](/v1/docs/using-fortanix-data-security-manager-with-microsoft-entra-id#50-test-the-integration) to verify the integration.

Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface.