Azure AD configuration (new interface)

As the group manager, you can configure Nomadesk so that your managed users authenticate against Microsoft Azure Active Directory instead of using 'Nomadesk' (email and password) authentication.

Keep in mind that once you enable this, every user in your managed group must have an Azure AD account with the same email address as their Nomadesk account.
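A pre-flight check for the email requirement above, added here as an example (it is not Nomadesk or Microsoft code). It assumes you have exported both user lists to CSV; the `email`, `mail` and `accountEnabled` column names and the sample rows are constructed for illustration. Addresses that differ only in letter case are reported separately so they can be reviewed by hand.

```python
import csv
import io

# Constructed sample exports. The Nomadesk column name is hypothetical;
# the Azure AD columns are assumed names for the mail and enabled attributes.
NOMADESK_USERS = """email
alice@example.com
Bob@Example.com
carol@example.com
dave@example.com
"""
AZURE_AD_USERS = """mail,accountEnabled
alice@example.com,true
bob@example.com,true
,true
dave@example.com,false
"""

def preflight(nomadesk_csv, azure_csv):
    """Sort each Nomadesk email into ok / case_differs / disabled / missing."""
    azure = {}  # lower-cased mail -> (mail as stored, enabled?)
    for row in csv.DictReader(io.StringIO(azure_csv)):
        mail = (row.get("mail") or "").strip()
        if mail:
            enabled = (row.get("accountEnabled") or "").strip().lower() == "true"
            azure[mail.lower()] = (mail, enabled)
    report = {"ok": [], "case_differs": [], "disabled": [], "missing": []}
    for row in csv.DictReader(io.StringIO(nomadesk_csv)):
        email = (row.get("email") or "").strip()
        if not email:
            continue
        match = azure.get(email.lower())
        if match is None:
            report["missing"].append(email)       # no Azure AD account with this mail
        elif not match[1]:
            report["disabled"].append(email)      # account exists but cannot sign in
        elif match[0] != email:
            report["case_differs"].append(email)  # review by hand before enabling
        else:
            report["ok"].append(email)
    return report

if __name__ == "__main__":
    for status, emails in preflight(NOMADESK_USERS, AZURE_AD_USERS).items():
        print(f"{status}: {', '.join(emails) or '-'}")
```

Anyone listed under missing or disabled would be unable to sign in once SAML authentication is enabled for the group.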

Doing this requires some configuration in both Nomadesk (SAML settings) and your Azure AD.

1. Log in at

2. Go to Active Directory

3. Go to App registrations -> select New application registration

4. Fill out the requested information and click Create

  • Name = Nomadesk
  • Application type = Web app / API
  • Sign-on URL =

5. Under App registrations, go to Endpoints

6. Copy the Federation Metadata Document URL

7. Go to (log in with the group manager account)

8. Go to Manage -> Group Settings -> Security Settings -> SAML

9. Paste the Federation metadata URL from step in the Identity provider metadata URL, click Save and confirm

10. Copy the Federation metadata URL that you get after step 9

11. Go back to the Azure AD portal -> Active Directory -> App registrations -> select the Nomadesk app

12. Go to Keys -> fill out Nomadesk -> set the preferred expiry -> click Save

13. Go to Reply URLs -> remove the pre-filled one -> paste the Federation Metadata URL from step 10 there and click Save

14. Go to Properties -> paste the Federation Metadata URL from step 10 in the App ID URL -> Save

15. Go to and log in -> you'll get an error message -> copy the link after reply address

16. Go back to the Azure AD portal -> Active Directory -> App registrations -> select the Nomadesk app -> Reply URLs

17. Paste the URL from the error in step 15 into the Reply URLs

18. You can now log in correctly at