Azure AD Configuration for Multitenancy

azure ad saml feature is also supported for multitenant environments for this, some parameters in the kron pam application created on the azure side must be edited to accommodate for tenants previously created on kron pam to use saml on host go to the newly created kron pam application choose single sign on on the left pane choose saml click edit for basic saml configuration add /host to the values shown in the images below identifier (entitiy id) https //10 10 10 10/aioc rest web/servlet/saml/samlcheck/host reply url https //10 10 10 10/aioc rest web/servlet/saml/samlrecipient/host logout url https //10 10 10 10/aioc rest web/servlet/saml/samllogout/host for tenant go to the newly created kron pam application choose single sign on on the left pane choose saml click edit for basic saml configuration add /tenantname to the values shown in the images below (shown as tenantx below) the saml configuration parameters on the kron pam side and the tomcatcorsfilter configurations under /pam/gui/conf/web xml will be the same as the information under the azure ad configuration heading to enable different methods option on multitenant environments, this parameter must be set on system configuration manager open administration > system configuration manager > add new system parameter add aioc login different methods enabled as true