We are excited to announce Streamlit's preview release of Azure AD SSO via SAML for our Streamlit for Teams Beta customers! 🎉

Azure AD is just one of the authenticators supported by WorkOS. We have already released documentation for SSO via ADFS, and in the coming weeks, we will be releasing documentation for other authenticator integrations, such as Okta and generic SAML.

There are three steps your team will need to complete to create an Azure AD connection:

1. Please complete this form.

To complete steps 2 and 3, you will need an ACS URL and Identity Provider URI (Entity ID), which Streamlit will provide by emailing you a private Google Drive link. Please complete this form to provide us with your email address and some basic information about your organization.

2. Provide Streamlit with a Token Signature (X.509 Certificate).

• Follow WorkOS' instructions to generate the token signature (see "Obtain Identity Provider Details").
• Please share the Token Signature with Streamlit by uploading it here.

<aside> 📝 What is a Token Signature? The Token Signature is a certificate used to securely sign tokens issued by Azure AD. You can learn more about Azure AD token signing certificates here.

</aside>

3. Provide Streamlit with an Identity Provider SSO URL.

• Follow WorkOS' instructions to generate the IdP SSO URL (see "Obtain Identity Provider Details").
• Please share the IdP SSO URL with Streamlit by pasting it here.

<aside> 💻 What is an IdP SSO URL? The IdP SSO URL provides Streamlit with a login endpoint to redirect your organization's users from our login page to your Azure AD login page.

</aside>

<aside> 🆘 Stuck? Let us know! Reach out to [email protected]

</aside>