Setup Malwarebytes cloud platform with Azure AD

Document created by jgolomb Employee on Aug 30, 2018Last modified by jgolomb Employee on Feb 13, 2019
Version 14Show Document
  • View in full screen mode

The following instructions will assist the iDP Administrator with the setup of single sign-on (SSO) for Malwarebytes Administrators into the Malwarebytes Cloud portal using Azure AD. Malwarebytes Cloud only supports SAML 2.0 authentication protocol. 


Get started

  • The email address used for the cloud account must match the email address used for Azure AD.

  • Log into and go to the Settings > Single Sign-on page.

  • Log into your Azure AD Administrator account and go to Azure Active DirectoryEnterprise applications.

  • Ensure your environment meets the minimum operating system and external access requirements. Refer to Malwarebytes Cloud Console Administrator Guide for details.


Add the application in Azure AD

  1. From the Enterprise applications page in Azure AD, click New applicationNon-gallery application.

  2. Name the application > click Add.
    Image of Add an application menu options for Azure AD.

Configure the application SSO settings

  1. Click Single sign-on > select SAML-based Sign-on from the Single Sign-on Mode drop down menu.

  2. On the Malwarebytes Cloud Single Sign-On page, left-click the Service Provider Metadata link to save the metadata.xml file.
    Image of Service Provider Metadata page containing metadata.xml file.

Upload Cloud Portal XML file to Azure AD

  1. In Azure AD, click Upload metadata file.
    Image of Malwarebytes Cloud Portal Domain and URLs menu in Azure AD.

  2. Upload the metadata.xml file you downloaded from the Cloud Portal.
    Image of Upload a configuration file dialog in Azure AD.


Configure application attributes

  1. Change the User Identifier drop down menu to

  2. Enable View and edit all other user attributes.

  3. Delete the existing attributes > add attributes exactly as highlighted below.
    Image of SAML Token Attributes menu in Azure AD.

  4. Click Save.


Upload Azure AD metadata into Cloud Portal

  1. Download the Azure AD Metadata XML file.
    Image of SAML Signing Certificate screen where the Metadata XML file is located in Azure AD.

  2. On the Malwarebytes Cloud Single Sign-On page, drag the .xml file or Choose a Different File to upload the Identity Provider (iDP) Metadata.
    Image of Upload New Metadata XML menu in Malwarebytes Cloud Portal.

  3. Once the .xml file is uploaded, you can set Enable Single Sign-On (SSO) to ON.

  4. Now the application can be assigned to your Malwarebytes Cloud administrators in Azure AD.


Additional information