
Step 1: Create and configure an enterprise application in the Azure AD tentant
To configure the integration of SAP Cloud Platform Identity Authentication into Azure AD, you need to add SAP Cloud Platform Identity Authentication from the gallery to your list of managed SaaS apps.
Sign in to the Azure portal using either a work or school account, or a personal Microsoft account.
On the left navigation pane, select the Azure Active Directory service.
Navigate to Enterprise Applications and then select All Applications.
To add new application, select New application.
In the Add from the gallery section, type SAP Cloud Platform Identity Authentication in the search box.
Select SAP Cloud Platform Identity Authentication from results panel and then add the app. Wait a few seconds while the app is added to your tenant.

Step 2: Download the single sign-on (SSO) metadata from the Azure AD tenant.
Download single sign-on metadata from Azure Active Directory.
Step 3: Create and configure a corporate identity provider.
Create corporate identity provider.
Step 4: Download the SAP Cloud Platform Identity Authentication Service tenant metadata.
Download Identity Authentication service tenant metadata.
Step 5: Upload the SAP Cloud Platform Identity Authentication Service tenant metadata to Azure AD tenant.
Upload Identity Authentication service tenant metadata to Azure Active Directory.
You have already uploaded the metadata file from Azure Active Directory to Identity Authentication service. It’s time to do it the other way round now and upload the metadata of Identity Authentication service to Azure Active Directory.