# Azure ADFS Identity Provider ### Create Azure AD Enterprise Application {% hint style="info" %} **Note:** Make sure that the Azure domain is an exact match to the e-mail domain used to register a tenant in IT-Conductor. Users with mismatched email domains will not be able to auto-provision in IT-Conductor {% endhint %} In the Azure Portal, navigate to **Azure Active Directory → Enterprise Applications → New Application.** Don't try to locate an existing one but click **+ Create your application**.

Figure 1: Create Your Own Application Wizard

1. Assign users and groups 2. Click **Get Started** in "Set up single sign on".

Figure 3: IT-Conductor SSO Configuration

Click on **SAML** to configure.

Fill in the fields as described on the [SSO Setup](/user-guide/setup/sso-setup.md):

Figure 5: SAML Configuration with actual values

Click **Federation Metadata XML Download** to export the metadata to a file. Import the metadata into IT-Conductor to create an Identity Provider definition as described in [SSO Setup](/user-guide/setup/sso-setup.md). Click **Test** to validate SSO Configuration. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.itconductor.com/user-guide/setup/sso-setup/azure-adfs-identity-provider.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.