Prerequisites

1. Organization Owner
   
2. Organization Admin
   
3. Admin account in Microsoft Entra ID

In Zoho Directory: Add Microsoft Entra ID as an IdP

1. Sign in to Zoho Directory, then click ADMIN PANEL in the left menu.
   
2. Click SECURITY, then open the Identity Providers tab.
   
3. Click Add Identity Provider.
   
4. Enter the IdP name, and select SAML as the SSO protocol.
   
5. Copy the Assertion Consumer Services URL and the Issuer to your clipboard.
   
   
6. Using the tokens copied in the previous step, add Zoho Directory as an app in your Microsoft Entra ID instance.
   
7. Enter the Login URL copied from Microsoft Entra ID under Sign-in URL and Logout URL under Sign-out URL.
   
8. Upload the Base64 certificate from Microsoft Entra ID under the X509 certificate field.
   
9. Click Add. You have added Microsoft Entra ID as an identity provider in Zoho Directory.
   

In Microsoft Entra ID: Add Zoho Directory as an enterprise application

1. Sign in to Microsoft Entra admin center.
   
2. Click Entra ID in the left navigation menu, then click Enterprise apps.
   
3. Click New application, then click Create your own application.
   
4. Enter Zoho Directory under What's the name of your app?; choose Integrate any other application you don't find in the gallery; then click Create.
   
   The app will be created, and you will be redirected to its Overview tab.
5. Click Get started under Set up single sign on, then click SAML.
   
6. Click Edit against Basic SAML Configuration.
   
7. Click Add identifier and enter the Issuer copied from Zoho Directory.
   
8. Click Add reply URL and enter the ACS URL copied from Zoho Directory.
   
9. Click Save, then click  on the top-right corner.
   
10. Under SAML certificates, click Download against Certificate (Base64).
    
11. Under Set up Zoho Directory, copy the Login URL and Logout URL to your clipboard.
    
12. Resume from Step 6 under adding Microsoft Entra ID as an IdP in Zoho Directory and complete the configuration.