If you previously configured Azure SAML SSO for Insomnia using the Microsoft Entra SAML Toolkit from the gallery, you need to recreate the application as a custom non-gallery app to use SCIM provisioning. Your existing SSO configuration cannot be migrated. Follow this guide from the beginning to create a new custom app.
Configure Azure SAML SSO in Insomnia
Related Documentation
TL;DR
Obtain the single sign-on URL from the Insomnia SSO settings and configure a new custom enterprise application in Azure with those values. Copy the Login URL and signing certificate from Azure and enter those in the Insomnia SSO settings. Finally, add users or groups to the Azure app and invite those same users to Insomnia.
Prerequisites
Insomnia role
This tutorial requires the Owner role in your Insomnia account.
Azure permissions
You need:
- A Microsoft Entra subscription
- Cloud Application Administrator or Application Administrator permissions
Domain permissions
This tutorial requires a verified domain in Insomnia:
- Go to Enterprise Controls > Domains and add a new domain.
- Add the generated TXT record to your DNS tool.
- Click Verify Domain.
Create the SSO connection in Insomnia
Start the SSO configuration in Insomnia first to get the single sign-on URL and audience URI you’ll need in Azure.
- In your Insomnia account settings, click your account at the top right and select Enterprise Controls from the dropdown.
- Click SSO in the sidebar and then click Create Connection.
- In the SSO settings, enter your company’s domain.
Keep this window open while you configure the settings in Azure.
Create a custom enterprise application and configure SSO settings
Create a custom enterprise application in Azure and configure it with the values from Insomnia.
Do not use the Insomnia app from the Azure application gallery. Gallery apps do not support SCIM provisioning. Creating a custom app is required if you need automatic user provisioning.
- In the Microsoft Entra admin center, go to Microsoft Entra ID > Enterprise applications.
- Click New application, then click Create your own application.
- Enter Insomnia SAML as the application name, select Integrate any other application you don’t find in the gallery (Non-gallery), and click Create.
- From the application, select Single Sign-On from the left sidebar, then select SAML.
-
Configure the following SAML SSO settings:
Azure setting
Value
Identifier (Entity ID) The Audience Restriction field in the Insomnia SSO settings. Reply URL The SSO URL in the Insomnia SSO settings. Sign on URL The SSO URL in the Insomnia SSO settings. -
In the Attributes & Claims settings section, add an attribute and configure the following attribute settings:
Azure setting
Value
Name email Source Attribute Source attribute user.email - In the Entra application, find and copy the Login URL and the base64 version of the signing certificate.
Enter the sign on URL and signing certificate in the SSO settings in Insomnia
Enter the Login URL and certificate from Azure to finish the SSO configuration in Insomnia.
- In the Insomnia SSO settings, enter the Login URL and signing certificate from Azure.
- To verify the connection, click Create connection. If the connection is successful, you will get a message that says “Your SAML connection has been successfully updated.”
Add users or groups to the application in Azure
Assign users or groups to the application in Azure. Users cannot log in with SSO until they are invited to Insomnia in the next step.
In Azure, assign users or groups to the app.
Invite users to Insomnia
Invite users to Insomnia. Once they accept, they can log in with SSO.
- In your Insomnia account settings, click your account at the top right and select Your organizations.
- Click the organization you configured SSO for.
- Enter the emails of the users you added to the Azure app and click Invite.