Single Sign On Set Up - Microsoft Entra ID

Written By rosa.elliscook (Administrator)

Updated at November 19th, 2025

This article will provide the steps required to set up Nomos One Single Sign On (SSO) access for your organisation, using Microsoft Entra ID as the identity provider.

If you are setting this up for internal use, you will need to assume the Application Administrator role. This can be done by going to Privileged Identity Management > Microsoft Entra Roles within Azure. 

 

App Creation

  1. Sign in to the Azure portal.
  2. Search for the service “Enterprise Applications”.
  3. Click the “+ New application” button.
  4. On the Browse Microsoft Entra Gallery page, click the “+ Create your own application” button.
  5. Enter the name of your application, and ensure that “integrate any other application you don't find in the gallery (Non-gallery)” is selected. 
  6. Click “Create”.

At this point, you should have an application created and have landed on that application's page in Azure.

Single Sign On setup

  1. From your application Overview, scroll to the “Getting Started” section.
  2. Click “2. Set up single sign on”.
  3. Click “SAML”.
  4. Once on the “Set up Single Sign-On with SAML” page, scroll to the “1 Basic SAML Configuration” section.
  5. Click “Edit”.
  6. Enter the Identifier (Entity ID) and Reply URL values from the prerequisites.
  7. Click “Save”.
  8. Make note of the fields in the “2 Attributes & Claims” section, as these are used for mapping in Cognito. 
  9. Scroll to the “3 SAML Certificates” section and copy the App Federation Metadata URL for use in Cognito in the next section.

The majority of the setup within Entra is now done. The certificate conversion still needs to be done, but will be processed after the Nomos One team completes the Cognito configuration.

Certificates

  1. In Azure, go back to your application in Enterprise Applications.
  2. In the side bar, under the “Security” dropdown, click on “Token encryption”.
  3. Click on “Import Certificate”.
  4. Browse for the sso-encryption.cer file and select it.
  5. Click “Add”.
  6. Right click on the certificate in the list and click “Activate token encryption certificate”.
  7. In the side bar, under the “Manage” dropdown, click on “Single sign-on”.
  8. Scroll to “3 SAML Certificates”, then to the second part of the section, called “Verification certificates (optional)”.
  9. Click “Edit”.
  10. Select “Require verification certificates”.
  11. Click on “Upload certificate” and select the sso-signing.cer file.

The setup process will now be complete, and your organisation can begin using single sign on to access Nomos One.
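A pre-upload check for the two certificate files used in the Certificates steps, as an added example that is not part of the original article or of Nomos One's tooling. It assumes both files are in the current directory, and the 30-day expiry warning threshold is an illustrative value.

```powershell
# Added example: sanity-check the certificate files before importing them into Entra.
# Assumption: both files are in the current directory; edit the paths if they are not.
$Files = [ordered]@{
    'Token encryption (Certificates step 4)'          = '.\sso-encryption.cer'
    'Verification certificate (Certificates step 11)' = '.\sso-signing.cer'
}
$MinDaysLeft = 30   # assumed warning threshold, not a Nomos One or Microsoft value

$now    = Get-Date
$sha256 = [System.Security.Cryptography.SHA256]::Create()

$results = foreach ($entry in $Files.GetEnumerator()) {
    $path = $entry.Value
    if (-not (Test-Path -LiteralPath $path)) {
        Write-Warning "$path not found"
        continue
    }
    try {
        # The constructor accepts both DER and Base64 (PEM) encoded .cer files.
        $full = (Resolve-Path -LiteralPath $path).Path
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($full)
    } catch {
        Write-Warning "$path is not a readable X.509 certificate: $($_.Exception.Message)"
        continue
    }

    $problems = @()
    # A .cer for upload should carry the public certificate only.
    if ($cert.HasPrivateKey)      { $problems += 'file contains a private key' }
    if ($now -lt $cert.NotBefore) { $problems += 'not yet valid' }
    if ($now -gt $cert.NotAfter)  { $problems += 'expired' }
    elseif (($cert.NotAfter - $now).TotalDays -lt $MinDaysLeft) {
        $problems += "expires in under $MinDaysLeft days"
    }

    [pscustomobject]@{
        Purpose        = $entry.Key
        File           = $path
        Subject        = $cert.Subject
        NotBefore      = $cert.NotBefore
        NotAfter       = $cert.NotAfter
        Sha1Thumbprint = $cert.Thumbprint
        Sha256         = [System.BitConverter]::ToString($sha256.ComputeHash($cert.RawData)) -replace '-', ''
        Problems       = if ($problems) { $problems -join '; ' } else { 'none' }
    }
}

$results | Format-List
```

Record the thumbprints and expiry dates from the output so the imported certificates can be matched to the files later and renewed before they lapse.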


Nomos One does not provide or purport to provide any accounting, financial, tax, legal or any professional advice, nor does Nomos One purport to offer a financial product or service. Nomos One is not responsible or liable for any claim, loss, damage, costs or expenses resulting from your use of or reliance on these resource materials. It is your responsibility to obtain accounting, financial, legal and taxation advice to ensure your use of the Nomos One system meets your individual requirements.