Skip to main content
All CollectionsKnowledge BaseEndpoint and SaaS AppsHow To - Endpoint and SaaS Apps
How to configure SSO for inSync On-Premise using the IDP Azure AD
How to configure SSO for inSync On-Premise using the IDP Azure AD
Updated over a week ago

This article applies to:

  • OS: Windows

  • Product edition: inSync On-Premise


This article describes the steps to configure SSO for Druva inSync On-Premise using the IDP Azure AD.

Configure SSO for Druva inSync On-Premise

The SSO is configured in the following order:

  1. Configure a custom App for Druva inSync on Azure Portal

  2. Configure Azure AD single sign-on

  3. Configure Druva inSync On-Premise to use Azure AD login

  4. Assigning Users/Groups in Azure AD to use Druva inSync app.

  5. Enabling single sign-on in inSync for Users and Administrators.

Configure a custom App for inSync on Azure Portal

  1. Log on to the Azure Portal (URL: using Azure Administrator account.

  2. Navigate to Azure Active Directory > Enterprise applications.

  3. On the Enterprise applications page, click New application.

    πŸ“ Note
    ​ You must have an Azure AD Premium account to access and create a new application.

  4. Click All > Non-gallery Application.

  5. Enter a Display Name of the Application as Druva inSync and click Add. The Application will be added.

  6. You can now configure the Application Settings by navigating to Azure Active Directory -> Enterprise Applications -> All Applications

  7. To configure the Application Settings, navigate to Azure Active Directory > Enterprise Applications > All Applications.

  8. Click Druva inSync Application and it will take you to the app configuration page.

  9. Navigate to Manage > Properties. Configure the settings as shown in the image below.

  10. Upload a Druva inSync Logo to identify the application easily and click Save.

Configure Azure AD single sign-on

  1. To configure Azure AD single sign-on with Druva, perform the following steps:

  2. On the Azure Portal, on the Druva inSync application integration page, click Single sign-on.

  3. On the Single sign-on dialog, select Mode as SAML-based Sign-on to enable SSO.

  4. Under the Druva Domain and URLs section, enter the following values.
    Identifier: druva-cloud
    Reply URL: https://<ip of the Server or FQDN of the Server>/wrsaml/consume

  5. Under User Attributes, set User Identifier to user.mail and select View and edit all other user attributes.

  6. Under SAML Token Attributes, delete all the attributes that are added by default.

  7. Add the attributes mentioned in the table below to ensure that the order of attributes and case of the Attribute Name is preserved.

    • emailAddress:user.mail

    • userPrincipalName:user.userprincipalname

    • insync_auth_token:Enter the token generated

    1. To add an attribute, follow the below steps.

      1. Click Add attribute to open the Add Attribute window.

      2. In the Name field, enter the attribute name shown for that row.

      3. In the Value list, enter the attribute value shown for that row. (The token generated value is explained later in the tutorial.)

      4. Click Ok.

    2. SAMLTokenAttributes.png
  8. On the SAML Signing Certificate section, click Metadata XML and then save the certificate file locally on your system.

  9. Select Make new certificate active.

  10. On the Druva Configuration section, click Configure Druva to open Configure sign-on window.

  11. Copy the SAML Single Sign-On URL from the Quick Reference section.


Configure Druva inSync On-Premise Server to use Azure AD login

  1. In a separate web browser window, log on to https://<ip of the Server or FQDN>/admin as an administrator.

  2. Navigate to


    > Settings.

  3. On the Single Sign-On Settings window, add the details as described below:

    • ACS FQDN/IP:Enter the IP address of the inSync Master or Edge Server

    • ID Provider Certificate:Open your Druva inSync.xml file in notepad, copy its content in the ID Provider Certificate text box.

    • AuthenRequests Signed:Clear the checkbox

    • Want Assertions Encrypted:Clear the checkbox

  4. Click Save.

Assigning Users/Groups in Azure AD to use Druva inSync app

  1. On the Azure portal, open the applications view.

  2. Navigate to the directory view > Enterprise applications and click All applications.

  3. In the applications list, select Druva inSync.

  4. In the menu on the left, click Users and groups.

  5. Click Add and select Users and groups on Add Assignment window.

  6. On the Users and groups window, select the Users or Group that you want to assign the Druva App, in the Users list.

  7. Since Auto-provisioning the users using Azure AD is not configured, ensure that the User or Admin account selected has a corresponding account created in inSync.

  8. Click Select button on the Users and groups window.

  9. Click Assign on the Add Assignment window.

Enabling single sign on in inSync for Users and Administrators

Enable single sign-on for User Logon

Enable Single Sign-on for Administrators

Did this answer your question?