Microsoft Azure SAML

Configure IdP

Login to Microsoft Azure, open the menu and search for "Azure Active Directory" and click it.
Click "Add" and select "Enterprise application".
Click on "Create your own application".
Choose a name for the app (Sandbox), and select the "Non-gallery" option.
Select "Set up single sign on".
Select "SAML".
A settings menu will be shown. In this menu all the SAML details will be filled from now on. The details provided by email from Hatching support are required in this step as mentioned in Prerequisites. Click on "Edit".
Fill in the received Service Provider Entity ID at "Identifier (Entity ID)" (dot 1).
The "Single Sign on URL" should be placed in the "Reply URL" field (dot 3).
Enter the "SSO start URL" at the field "Sign on URL"

Finally, hit Save (dot 4). After saving, you can hit the X not shown in the screenshot and click Edit at step 2, "Attributes & Claims".
First add the attribute "email" and select "user.mail" as its value. Next, add the attribute "displayname" and select "user.displayname" as its value.
Proceed by clicking on "App Federation Metadata Url" and copy the URL and send this to support@recordedfuture.com. **.

This example uses App Roles to configure roles for this SAML app. There are more ways to configure this.

Create roles by navigating to the App Registrations list and clicking the Recorded Future Sandbox app.
Open the App Roles pane and create App roles for each role listed in the role matrix.
Navigate to the "Attributes and Claims" section of the Recorded Future Sandbox Enterprise Application registration. Add the attribute sandbox_role bound to the value user.assignedroles.

When assigning a user to the Recorded Future Sandbox Enterprise application registration, you will now be asked to assign a role.