# How to configure Single Sign On (SSO) for an Illumina Enterprise domain using Entra ID

Follow the steps below to configure the IDP (Entra ID) and SP (Illumina) for SSO on an Illumina Enterprise domain.

***Note**: Illumina supports SP-initiated login only; users must sign in via an illumina.com URL (eg, https\://{domain}.login.illumina.com or https\://{domain}.basespace.illumina.com).*

1. Choose **Create your own application** from the Entra App Gallery page and select the **Integrate any other application you don't find in the gallery (Non-gallery)** option. Here the application name is "Illumina":\
   ![](/files/SVTOxdQlvzM3lR1srWuZ)
2. From the Overview page for the application created in **Step 1**, select "Set up single sign on."\
   ![](/files/mmQGCrXIF4YzNmkmWRzT)
3. Select the **SAML** option.\
   ![](/files/tTf9a49nbCqkEAd6Z2kj)
4. Under "basic SAML Configuration" select **Edit**:\
   ![](/files/18vPxGGKGxpOOhqOBs8F)
5. Enter the following URLs in the appropriate fields and select **Save**.

* Identifier (Entity ID): <https://login.illumina.com/saml-service/saml/metadata>
* Reply URL: <https://login.illumina.com/saml-service/saml/SSO>
* Logout URL: <https://login.illumina.com/saml-service/saml/SingleLogout>

  ![](/files/RwXrluwajVvvULXC0gwN)

6. Download the IDP metadata XML file, called "Federation Metadata XML" on Entra:\
   ![](/files/wft5RTjgzWYrm0uE1guN)
7. Sign into the Illumina Enterprise account and navigate to the **DOMAIN** tab within the IAM Console.
8. Select **AUTHENTICATION** from the left side navigation and select the **SAML** button.
9. Under "Select SAML configuration file" select the **Choose File** button and navigate to the metadata XML file downloaded in **Step 6**.
10. Select the **Upload** button and, when prompted, select **Save Changes**.\
    ![](/files/AXNMuU62xm3nrJPQ9kik)
11. Select **Download** under "Metadata XML file (SP)" to download the Illumina SP metadata XML file to be uploaded to the IDP account.
12. From the Single sign-on configuration page in the Entra portal, select **Upload metadata file**.
13. Select **Select a file** and navigate to the file downloaded in **Step 11** (illumina\_sp.xml) and select **Add**.
14. Make sure the Entity ID, Reply URL, and Logout URL fields are still populated correctly. If they are not, refer to **Step 5** to correct them. For example, the Reply URL may not be populated correctly, as shown below.\
    ![](/files/Jm0i1TQIsGH27RdPB248)
15. Select **Save** under the **Basic SAML Configuration** heading to save settings on the Entra ID IDP side.
16. Obtain the SAML Attribute Mapping values for EmailId, Last name, and First name from the IDP and enter them into the relevant fields in the **Authentication Configuration** page within the Illumina IAM console:

* For Entra ID, these values can be found by selecting the "Edit" button on the **User Attributes & Claims** card:\
  ![](/files/6oP0EXE0I0y7jVFYnyNj)
* The attributes needed are in the **Claim name** column under Addtional claims, shown below:\
  ![](/files/6KKXaEhSnW7MSZC5BCSj)
* ***IMPORTANT***: The above screenshot shows the default claims created by Entra ID. The claim mapping to user.mail (called "emailaddress" in this example) can sometimes be null. In that case, use the claim mapping to user.userprincipalname. Claims can be modified, added, and deleted. However, at a minimum, the values provided in the SAML **Authentication Configuration** in the Illumina IAM console for the fields **EmailId**, **First name,** and **Last name** must map to the Entra ID attributes that provide the user's full **Email address**, **First name** and **Last name**, respectively.

Once settings have been saved on both the IDP and SP ends, it will take some time for everything to sync on the Illumina side. Wait at least 15 min, and be aware that settings can sometimes take over an hour to sync.

**Note**: IDP Initiated Login may not be compatible with Illumina Login. In this scenario, use the direct url for the Illumina enterprise domain.

\
\
\ <br>

|                                                                                                                                                                                                                                                                                                                                                                 |
| :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: |
| *For any feedback or questions regarding this article (Illumina Knowledge Article #5972), contact Illumina Technical Support* [*techsupport@illumina.com*](mailto:techsupport@illumina.com?subject=Question%2FFeedback%20Regarding%20Illumina%20Knowledge%20Article%20#000005972%20-%20Software%20\&body=Dear%20Illumina%20Technical%20Support,%0D%0A%0D%0A)*.* |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://knowledge.illumina.com/software/cloud-software/software-cloud-software-reference_material-list/000005972.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.