Development Guides

SAML Setup AZURE

Purpose: Guidelines on how to set up SAML for Azure SSO. 

Simple Use Case: You would like to set up SAML single sign-on into Orion using Azure.

Scope and Outputs: This is an out-of-the-box solution for using Azure SAML for Orion Connect SSO.

Process Overview:

This guide assists with setting up Azure for your SAML SSO to Orion. You’ll need to request a partner ID from Orion and provide us with your certificate and issuer/entity ID.

Process Steps:

  • Submit a case to SME Integrations via the Orion Support App to request a Partner ID and Secret; you’ll need the Partner ID for the setup. Please allow 1-2 business days for turnaround.
  • Set up Basic SAML Configuration
    • Update Identifier (Entity ID): This should be your issuer URL or firm name. *Please provide this information to Orion, together with your certificate, by submitting it to SME Integrations via the Orion Support App. Please allow 2-4 weeks for your certificate to be inserted.
    • Reply URL (Assertion Consumer Service URL): https://auth.orionadvisor.com/sso/SAMLConsumer/
    • Leave Sign on URL, Relay State, and Logout URL blank
  • Input User Attributes & Claims: You will need to include the following. **Please note attributes are case sensitive and must be entered as listed.**
    • authFlow = “Trusted”
    • partnerId = “Your Orion issued partner ID”
    • Unique User Identifier: Username in Orion
  • Complete SAML Signing Certificate
    • Signed areas need to be either Response or Both (Both is recommended).
      • SAML Signing Certificate – Edit – select BOTH (sign SAML Response and Assertion).

Process Tips or Controls:

  1. We also offer the authFlow type “trustedPrompt”; however, “Trusted” is best practice.
  2. Be sure the partnerId, authFlow, and authFlow type (above) are spelled as listed, as they are case sensitive.
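
A check you can run on a decoded SAML response from a test sign-in to confirm the Process Steps and the case-sensitivity tip above; it is an added example, not Orion's or Microsoft's code. It assumes the claims are emitted with the bare names authFlow and partnerId, that the Unique User Identifier arrives as the NameID, and that the assertion is not encrypted; the sample response is constructed, and signatures are checked for presence only, not validity.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
ACS_URL = "https://auth.orionadvisor.com/sso/SAMLConsumer/"
AUTH_FLOWS = ("Trusted", "trustedPrompt")  # the two values named in this guide

def check_response(xml_text):
    """List configuration problems in a decoded SAML response from your own test sign-in."""
    root = ET.fromstring(xml_text)
    problems = []
    if root.get("Destination") != ACS_URL:
        problems.append("Destination does not match the Reply URL")
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return problems + ["no Assertion element found"]
    # Presence checks only: the signatures are not verified cryptographically here.
    if root.find("ds:Signature", NS) is None:
        problems.append("Response is not signed (Response or Both is required)")
    elif assertion.find("ds:Signature", NS) is None:
        problems.append("Assertion is not signed (Both is recommended)")
    # Assumption: claims carry bare names, and the user identifier is the NameID.
    attrs = {}
    for a in assertion.iterfind("saml:AttributeStatement/saml:Attribute", NS):
        v = a.find("saml:AttributeValue", NS)
        attrs[a.get("Name")] = (v.text or "").strip() if v is not None else ""
    for name in ("authFlow", "partnerId"):
        if name not in attrs:
            near = [n for n in attrs if n and n.lower() == name.lower()]
            hint = f" (found '{near[0]}'; names are case sensitive)" if near else ""
            problems.append(f"missing attribute {name}{hint}")
    if "authFlow" in attrs and attrs["authFlow"] not in AUTH_FLOWS:
        problems.append(f"authFlow value '{attrs['authFlow']}' is not spelled as listed")
    name_id = assertion.find("saml:Subject/saml:NameID", NS)
    if name_id is None or not (name_id.text or "").strip():
        problems.append("NameID (Unique User Identifier) is empty")
    return problems

# Constructed sample, not a real response: Assertion unsigned, "AuthFlow" mis-cased.
SAMPLE = f"""<samlp:Response xmlns:samlp="{NS['samlp']}" xmlns:saml="{NS['saml']}"
 xmlns:ds="{NS['ds']}" Destination="{ACS_URL}"><ds:Signature/>
<saml:Assertion><saml:Subject><saml:NameID>jdoe</saml:NameID></saml:Subject>
<saml:AttributeStatement>
<saml:Attribute Name="AuthFlow"><saml:AttributeValue>Trusted</saml:AttributeValue></saml:Attribute>
<saml:Attribute Name="partnerId"><saml:AttributeValue>PLACEHOLDER</saml:AttributeValue></saml:Attribute>
</saml:AttributeStatement></saml:Assertion></samlp:Response>"""

if __name__ == "__main__":
    print("\n".join(check_response(SAMPLE)))
```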