Unable to set Identifier (Entity ID) or Reply URL for Azure SAML SSO configuration

Caroline Lu 6 Reputation points
2021-06-24T15:36:22.327+00:00

When I try to set the Identifier (Entity ID) or Reply URL for a new SAML SSO configuration, both of those options are greyed out and don't allow me to enter any text. I have the maximum permissions for my organization. What else could be preventing me from entering these? In the configuration guide, those fields are not greyed out, so I'm not sure how to proceed.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,619 questions
0 comments

6 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Toivola Mikko 6 Reputation points
    2021-09-24T08:47:06.177+00:00

    I had the same issue (twice because I deleted and remade the app with no results), but then refreshing browser while at the greyed out page did help and I was able to proceed normally.

    1 person found this answer helpful.
    0 comments
  2. Marilee Turscak-MSFT 34,061 Reputation points Microsoft Employee
    2021-06-24T21:20:00.043+00:00

    These tips from the troubleshooting guide may help:

    Can’t add the Identifier or the Reply URL
    If you’re not able to configure the Identifier or the Reply URL, confirm the Identifier and Reply URL values match the patterns pre-configured for the application.

    To know the patterns pre-configured for the application:

    1) Open the Azure portal and sign in as a Global Administrator or Co-admin. Go to step 7. If you are already in the application configuration blade on Azure AD.

    2)Open the Azure Active Directory Extension by clicking All services at the top of the main left-hand navigation menu.

    3)Type in “Azure Active Directory” in the filter search box and select the Azure Active Directory item.

    4) click Enterprise Applications from the Azure Active Directory left-hand navigation menu.

    5) click All Applications to view a list of all your applications.

    • If you do not see the application you want show up here, use the Filter control at the top of the All Applications List and set the
      Show option to All Applications.

    6) Select the application you want to configure single sign-on.

    7) Once the application loads, click the Single sign-on from the application’s left-hand navigation menu.

    8) Select SAML-based Sign-on from the Mode dropdown.

    9) Go to the Identifier or Reply URL textbox, under the Domain and URLs section.

    10) There are three ways to know the supported patterns for the application:

    • In the textbox, you see the supported pattern(s) as a placeholder Example: https://contoso.com.
    • if the pattern is not supported, you see a red exclamation mark when you try to enter the value in the textbox. If you hover your mouse over the red exclamation mark, you see the supported patterns.
    • In the tutorial for the application, you can also get information about the supported patterns. Under the Configure Azure AD single sign-on section. Go to the step for configured the values under the Domain and URLs section.

    If the values don’t match with the patterns pre-configured on Azure AD. You can:

    • Work with the application vendor to get values that match the pattern pre-configured on Azure AD
    • Or, you can contact Azure AD team at aadapprequest@microsoft.com or leave a comment in the tutorial to request the update of the supported patterns for the application
      Where do I set the EntityID (User Ide

    Also, make sure you have the prerequisites:

    • An Azure AD subscription.
    • An Azure AD SAML Toolkit single sign-on (SSO) enabled subscription.
    0 comments
  3. David Schrag 376 Reputation points
    2021-09-03T13:33:03.057+00:00

    I have the same problem as @Caroline Lu : "When I try to set the Identifier (Entity ID) or Reply URL for a new SAML SSO configuration, both of those options are greyed out and don't allow me to enter any text." The boxes for Sign on URL, Relay State, and Logout Url are also greyed out. I have configured several non-gallery applications before. Not sure why I'm having a problem with this new one. Did you ever find the solution?

  4. Craig Wallace 1 Reputation point
    2021-10-04T07:53:06.817+00:00

    Idk if it was a timing issue, but refreshing the page also worked for me

    0 comments
  5. Anuar 86 Reputation points
    2022-09-27T11:47:39.913+00:00

    I'm having the same issue as OP and @David Schrag . None of the 'SAML-based Sign-on' fields under 'Enterprise Application' are editable (I have sufficient permissions to edit these fields). I tried different browsers and refreshing but that doesn't make a difference. Deleting the app is not an option.

    What are my options here? Did any1 find a solution to this problem?

    The value I'm looking to edit is the 'Sign on URL (Optional)'.

    Thanks in advance for any help.

    0 comments