This topic tells you how to set up Microsoft Entra ID with Security Assertion Markup Language (SAML) as the identity provider for Single Sign‑On for VMware Tanzu Application Service.

Microsoft Entra ID is Microsoft’s multitenant, cloud-based directory and identity management service.

For how to set up Microsoft Entra ID with Open ID Connect (OIDC), see Microsoft Entra ID OIDC Integration Guide.

Prerequisites

To integrate Microsoft Entra ID with Tanzu Operations Manager, you must have the following:

  • A Microsoft Entra ID subscription
  • A user with admin privileges

Note To configure SAML, you must have the Single Sign-On service broker installed on your Ops Manager deployment. You need to create a plan, grant any plan administrators, and specify any organizations this plan should be the authentication authority for. For help configuring plans, see the Manage Service Plans topic.

Microsoft Entra ID Integration Guide

Configuring Microsoft Entra ID with Single Sign‑On

Complete both steps below to integrate your deployment with Microsoft Entra ID and Single Sign‑On.

  1. Configure Microsoft Entra ID as a SAML Identity Provider
  2. Configure a Single Sign‑On Service Provider

Testing and Troubleshooting

check-circle-line exclamation-circle-line close-line
Scroll to top icon