[Deprecated] Azure AD (SAML) Setup for HRM SSO
NB: This document shows how to set up SAML2 integration directly in Talent Recruiter. This approach is deprecated and should not be used.
This page describes how to configure your Azure AD to support single sign-on to Talent Recruiter using SAML.
Add Enterprise application
Go to Enterprise applications and choose Non-gallery Application. This requires an Azure AD Premium subscription.
Go to configure Single Sign-on in the getting started menu.
Choose SAML as the sign-in method.
Setup SAML configuration
Choose "Upload metadata file" from the top menu and select the HRM metadata file for SSO, https://recruiter.hr-manager.net/saml.aspx?customer=<customer alias> (download it as XML, or just enter the URL in the file entry field).
This fills in the Entity ID and Reply URL with the values from the metadata file.
Setup claims
Now go to User Attributes and Claims and add a new claim. Keep the default claims as they are.
The new claim should be named "mail", without a namespace, and its source attribute should be the attribute that holds the email address in your Azure AD. By default this is user.userprincipalname, or it can be user.mail.
You can check the user profile to see where the email address is used in your Azure AD.
So your claims should look like this
Setup signing method
Now go to SAML Signing Certificate and choose edit.
Change the signing option to "Sign SAML response".
Your setup is now done. Copy the App Federation Metadata Url and send it to HRM Support so that we can upload the certificate and connect with the Azure AD SSO setup.
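To confirm the claim and signing settings before contacting support, you can inspect a SAML response issued by the new application. The following script is an added example, not part of the original HRM documentation: it checks that a response carries a "mail" attribute without a namespace and that the signature sits on the Response element. The function name, the result keys and the sample XML are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Constructed sample: shape of a response when "Sign SAML response" is selected.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_constructed" Version="2.0">
  <ds:Signature><!-- signature body omitted in this constructed sample --></ds:Signature>
  <saml:Assertion ID="_a1" Version="2.0">
    <saml:AttributeStatement>
      <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
        <saml:AttributeValue>jane@example.com</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="mail">
        <saml:AttributeValue>jane@example.com</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""


def check_saml_response(xml_text):
    """Structural check only: it does NOT verify the signature cryptographically."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("not a SAML 2.0 Response")
    assertion = root.find("saml:Assertion", NS)
    attrs = {}
    if assertion is not None:
        for a in assertion.iterfind("saml:AttributeStatement/saml:Attribute", NS):
            attrs[a.get("Name")] = [v.text for v in a.iterfind("saml:AttributeValue", NS)]
    return {
        # The claim must be named exactly "mail", with no namespace URI in front.
        "mail": (attrs.get("mail") or [None])[0],
        # Claims such as ".../claims/mail" mean the namespace field was not cleared.
        "namespaced_mail": [n for n in attrs if n != "mail" and n.endswith("/mail")],
        # find() matches direct children only, so these tell the two signing options apart.
        "response_signed": root.find("ds:Signature", NS) is not None,
        "assertion_signed": assertion is not None
        and assertion.find("ds:Signature", NS) is not None,
    }
```

If "mail" comes back as None and "namespaced_mail" is non-empty, clear the namespace on the claim. If only "assertion_signed" is true, the signing option is still set to sign the assertion rather than the response.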