SSO with Microsoft Entra/Azure AD

1. Navigate to Microsoft Entra (previously called Azure Active Directory) admin centre: https://entra.microsoft.com/

2. Click on "Enterprise Applications"

3. Click "+ New Application"

4. Select “Non-gallery application”, give the application a name (e.g. “Hut Six”), and click Add.

5. Click Users and groups

6. Click Add user, then select a user to test with. This user must not have an existing account on Hut Six.

7. Once you have added a user to test with, click Single sign-on

8. Select SAML

9. In the Basic SAML Configuration box, click the pencil icon to edit the settings

10. You should now see the following form:

11. Open a new tab and navigate to the Hut Six settings page, then click on Directory Services.

12. Click on the information tab.

13. In the form from (Step 10), set the following values:

14. In the Hut Six dashboard, click on the “Configuration” tab and set the Directory Services Integration to 'Federated Identity'.

Note - If you plan on using SCIM for automatic user provisioning, you should use hybrid identity.

15. Update the form to the following Values:

16. In an incognito window, or a separate browser, navigate to your organisation’s Hut Six domain (e.g. https://your-org.hutsix.io) and click on the “Login with your organisation” link.

17. Login with your test account

18. (Optional) Consider setting the “Login Page Behaviour” to “Redirect to Single Sign-on (SSO) Login Page). This will mean that users will not have to click the “Login with your organisation” link on the Hut Six login page.