Additional configuration for Azure Active Directory

  • Last updated: May 17, 2022

  • Read time: 1 Minute

If you are using Azure Active Directory as your identity provider, you need to complete some additional configuration steps to make sure that the group membership of your users is sent to Burp Suite Enterprise Edition.

In Azure portal, open the application that you are adding to represent Burp Suite Enterprise Edition. Under "Set up Single Sign-on with SAML", go to the "User Attributes and Claims" section and add a group claim. Select the "Customize the name of the group claim" checkbox and enter the following values:

  • Name: Group
  • Namespace: http://schemas.xmlsoap.org/claims

The next step depends on how you manage your users:

  • If your Azure instance is backed by an on-premise installation of Active Directory, select sAMAccountName as the source attribute. Note that when you create your user groups in Burp Suite Enterprise Edition, they must have the exact same name as the corresponding sAMAAccountName in your Active Directory.
  • If your users are managed in Azure Active Directory, select Group ID as the source attribute. In this case, you will need to use the corresponding Group ID as the name for your user groups in Burp Suite Enterprise Edition.

For more information about user groups in Burp Suite Enterprise Edition, see Configuring user permissions for SSO.