Configuring SSO with Entra ID

📍 Accessing SSO Settings in FOSSA

Navigate to the SSO configuration page in the FOSSA application:

Organization → Authentication
FOSSA Authentication Settings

Set Authentication Method
- Select SSO + Email Address as the method of access.
- Choose SAML as your SSO method.
Create an IT Ticket
Provide your IT team with the following information from the FOSSA SSO setup page:
- Callback URL
- Entity ID
IT Provides Required Inputs
Your IT team will give you:
- A Login URL for the Azure Enterprise Application.
- A Certificate used to authenticate the connection.
➤ Paste the certificate into the Certificate field in the FOSSA configuration.
SSO Options
- For both control options, select Mixed control.
- This ensures local admin access remains available if needed.
Register the Email Domain
- Register barracuda.com (or your organization’s domain).
- A test email will be sent to the designated address.
- Click Approve to complete the linkage.

To enable automatic team assignment in FOSSA based on group claims from Entra ID:

Log in to your Azure Portal.
Go to Microsoft Entra ID → Enterprise Applications.
Select your FOSSA Application.
Navigate to Single Sign-On from the left-hand menu.
Click Edit under Attributes & Claims.
Find and edit the claim named:
- http://schemas.microsoft.com/ws/2008/06/identity/claims/groups
Under "Which groups associated with the user should be returned in the claim?":
- Select Groups assigned to the application.
Scroll down and check Customize the name of the group claim:
- Set the custom name field to:
```
teams
```

After completing the setup, test login with an authorized user to ensure everything is functioning correctly.
Team mapping will automatically assign users to teams in FOSSA based on their group memberships in Entra ID.