SAML2 (Security Assertion Markup Language 2.0) in Microsoft Azure is used to facilitate Single Sign-On (SSO) capabilities for users accessing cloud applications. It allows Azure Active Directory (Azure AD) to authenticate users and provide a seamless login experience across different applications and services. When a user tries to access a SAML-enabled application, Azure AD generates a SAML assertion, a token containing user identity information and access rights. This assertion is then sent to the application, enabling secure and efficient user authentication and authorization without needing separate login credentials for each application.

In order to link Medialake to Azure, you will need the following information from your enterprise application in the Azure portal:

App Federation Metadata Url

Identifier (Entity ID)

Reply URL (Assertion Consumer Service URL)

This information can be entered into medialake in the Administration -> Settings -> Saml2 section of the website.

You will need to be a site administrator in order to access this page.

The picture below shows you the section in which this information needs to be added.

Once you have added this information, please click the save button, at which point the SAML2 connection should be activated, and Azure users can use the 'Sign in with Microsoft Azure' button on the login page to create an account or sign into their previously created account.