Microsoft Azure AD (SAML) Realm: SAML Details

This task discusses the first step in a multi-step wizard that creates a Microsoft Azure AD (SAML) realm. You must complete all steps in the wizard to set up your realm. The steps are different depending on whether you create the realm for active or passive authentication.

Before you begin

Complete all of the following tasks before you create your realm:

(Passive authentication with Cisco ISE only.) If you're using Cisco ISE as the repository for users and groups, set up ISE:
- About Azure AD and Cisco ISE with Resource Owned Password Credentials
- About Azure AD and Cisco ISE with TEAP/EAP-TLS
To use Azure AD as the repository for users and groups, see Configure Microsoft Azure Active Directory for Passive Authentication.
Get required information for your realm as discussed in Get Required Information For Your Microsoft Azure AD Realm.

Procedure

Step 1

Step 2

Click Policies > FTD Policies.

Step 3

Click Integration > Other Integrations > Realms.

Step 4

From the list, click SAML - Azure AD.

Step 5

Enter the following information.


Item	Description
Name	Unique name to identify the realm.
Description	(Optional.) Description of the realm.
Identity Provider	Always displays Azure AD.
Configuration Type	Click one of the following: Passive Authentication with ISE for passive authentication. Passive authentication or captive portal with Azure AD for to use Azure AD as a user store for either passive authentication or active authentication (that is, captive portal).

Step 6

Click Next.

What to do next

One of the following:

Passive authentication: Microsoft Azure AD (SAML) Realm: Azure AD Details.
Active authentication: Microsoft Azure AD (SAML) Realm: SAML Service Provider (SP) Metadata.