Create a Microsoft Azure AD (SAML) realm for active authentication (captive portal)

Create a Microsoft Entra ID SAML realm for active authentication where users must authenticate with Microsoft Entra ID before accessing protected resources.

In active authentication (also referred to as captive portal), Microsoft Entra ID is the user store. When a user tries to access a protected resource as defined in access control rules, the user must authenticate with Microsoft Entra ID first.

To configure the realm, complete all tasks in the following order.

Procedure

Step 1

Configure Entra ID basic settings.

Step 2

Configure a single sign-on (SSO) app in Entra ID.

Step 3

Get required information for your Microsoft Azure AD realm (active authentication only)