Azure custom application SSO using SAML and azure active directory

Question

I’m kind of new to azure active directory. What I'm trying to achieve is: I have a .net core application (backend api) which will be called using an angular application. My requirement is to authenticate and enable single sign on using azure active directory.

With some time spent, I came to know that there are 2 ways to do this,

1. Using OpenID Connect
2. Using SAML

I would like to do using SAML. I tried implementing SAML SSO as follows:

1. I registered one application under Active directory which redirects to my angular application. I also read that, any application we are registering in App registrations will use OpenID by default and there is no UI available to make it as SAML but we can do the same using manifest.
2. We can register application using Enterprise applications to enable SAML

My question is,

1. Is there a way we can authenticate and enable SSO in my application registered using App registrations?
2. What options I should choose to enable SAML SSO while registering enterprise application? If I select my registered application in enterprise application it gives me the following:

The single sign-on configuration is not available for this application in the Enterprise applications experience. localhost was created using the App registrations experience.

Please go to localhost in the App registrations experience to edit properties such as reply URLs, identifiers, claims, among others. Your account should have the required permissions (Global Administrator, Cloud Application Administrator, Application Administrator, or owner of the app object).

3. What will be the code changes in my angular and .net core application?

Any reference would be very helpful.

TIA

Answer 1

You can't do it from App Registrations but you can do it from the Enterprise Application experience. To set up SAML SSO you need to go to the application > Manage > Single Sign-On > Select SAML. The Quickstart goes through all of the steps for setting up SAML SSO from Enterprise Applications.

For Basic SAML configuration values, see Configure SAML Single Sign-On.

You can use the SAML toolkit and accompanying samples to test the SAML single sign-on integration with Azure AD