Here is a step-by-step guide on how to set up Sana as a SAML 2.0 application in Microsoft Entra.
SSO Configuration with Microsoft Entra
To configure SSO, you need one of the following roles: Global Administrator, Cloud Application Administrator, Application Administrator, or owner of the service principal.
1. In the Azure portal, find the Manage section and select “Single sign-on”.
2. On the Select a single sign-on method page, select SAML.
3. In the Basic SAML Configuration step, enter the following info (replace DOMAIN with your actual domain at Sana):
Identifier (Entity ID): https://DOMAIN.sana.ai/x-realtime/auth/saml/metadata
Reply URL (Assertion Consumer Service URL): https://DOMAIN.sana.ai/x-realtime/auth/saml/acs
4. In the Attributes & Claims step, make sure email, firstName and lastName are configured as attributes. The attribute names must match this format exactly, otherwise the accounts will not be created through the SAML request.
⚠️ Ensure that the namespace for each attribute is blank.
5. In the Set up single sign-on with SAML step, in the SAML Signing Certificate section, select Download to download the Certificate (Base64) from the specified options. You will need to provide this in a later step.
6. On the Set up step, copy the values from the Login URL and Azure AD Identifier fields. You will need these in the next step.
7. Provide your Sana Integrations Specialist / Engagement Manager with the following information:
Login URL
Azure AD Identifier
Certificate (Base64)
8. We will configure your Sana app with this information. Once this is done, you can test the setup using the Test single sign-on option in your Identity Provider.
Troubleshooting Common Issues
1. No attribute value for email, firstName, or lastName
This means that the SSO configuration is not set up correctly. Either the attribute name is not in the same format (for example, email entered as Email) or there is a namespace on the attribute. Double-check Step 4 above.
Our standard format for attributes is:
email
firstName
lastName
2. User is not assigned to the application
This means that your company's IT team has not added you to your company's Microsoft Entra Sana application. To resolve this, you'll just need to ask your company's IT team to add you to the Sana application in Microsoft Entra.
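To diagnose troubleshooting issue 1 against the rules in Step 4, the following added example (not Sana's or Microsoft's code) checks the attribute names in a decoded SAML assertion and reports whether each required attribute is present, namespaced, or in the wrong case. The function name check_attributes and the sample XML are constructed for illustration, and the sample assumes the namespace shown is the one that was left on the claim.

```python
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
REQUIRED = ("email", "firstName", "lastName")

# Constructed sample AttributeStatement (not a real Entra response): email still
# carries a claim namespace, firstName has the wrong case, lastName is correct.
SAMPLE = f"""<Assertion xmlns="{SAML_NS}"><AttributeStatement>
  <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/email">
    <AttributeValue>ada@example.com</AttributeValue></Attribute>
  <Attribute Name="FirstName"><AttributeValue>Ada</AttributeValue></Attribute>
  <Attribute Name="lastName"><AttributeValue>Lovelace</AttributeValue></Attribute>
</AttributeStatement></Assertion>"""


def check_attributes(xml_text):
    """Return {required_name: status} for a decoded, unencrypted SAML assertion.

    Diagnostic only: it does not validate the signature or conditions, so run it
    on a response you captured yourself from a test login.
    """
    root = ET.fromstring(xml_text)
    found = {}  # attribute Name as sent -> True if it has a non-empty value
    for attr in root.iter(f"{{{SAML_NS}}}Attribute"):
        value = attr.find(f"{{{SAML_NS}}}AttributeValue")
        found[attr.get("Name", "")] = (
            value is not None and bool((value.text or "").strip())
        )

    report = {}
    for want in REQUIRED:
        if want in found:  # exact, case-sensitive match with no namespace
            report[want] = "ok" if found[want] else "empty value"
            continue
        status = "missing"
        for name in found:
            short = name.rsplit("/", 1)[-1]
            if "/" in name and short.lower() == want.lower():
                status = f"namespaced: {name}"
            elif name.lower() == want.lower():
                status = f"wrong case: {name}"
        report[want] = status
    return report


if __name__ == "__main__":
    for name, status in check_attributes(SAMPLE).items():
        print(f"{name}: {status}")
```

Any status other than "ok" points back to the Attributes & Claims settings in Step 4.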