> ## Documentation Index
> Fetch the complete documentation index at: https://forest-chore-open-api.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Azure AD / Entra ID SSO

> Configure SSO with Azure Active Directory / Microsoft Entra ID

## Configuration

1. In the Azure Active Directory admin center, go to **Enterprise applications → New application**
2. Select **Create your own application** (Forest is not in the gallery)
3. Choose **Integrate any other application you don't find in the gallery (Non-gallery)**
4. Configure SAML settings:

| Setting                | Value                                                                                     |
| ---------------------- | ----------------------------------------------------------------------------------------- |
| Reply URL (ACS URL)    | `https://api.forestadmin.com/api/saml/callback`                                           |
| Sign on URL            | `https://api.forestadmin.com/api/saml/callback`                                           |
| Identifier (Entity ID) | `forestadmin-YourOrganizationName`                                                        |
| Logout URL (optional)  | `https://app.forestadmin.com/login`                                                       |
| Relay State (optional) | `{"organizationName": "YourOrganizationName", "destinationUrl": "organization.projects"}` |

5. In the **SAML Signing Certificate** section, copy the **App Federation Metadata Url**
6. In Forest Organization settings, select **XML file endpoint** and paste the URL

## Troubleshooting

* Double-check all endpoints and certificate expiration dates
* Ensure `nameID` is configured to use the **email address used on Forest accounts**
