Microsoft Entra ID SSO (SAML) - Lovable Documentation

Use this guide to connect Microsoft Entra ID to Lovable using SAML.

Prerequisites

Entra ID admin access
Lovable workspace Owner or Admin

Configure in Entra ID

Enterprise application

Microsoft Entra ID → Enterprise applications → New application → Create your own application → Integrate any other application you don’t find in the gallery.

Set up single sign-on

Choose SAML and configure:

Identifier (Entity ID): https://auth.lovable.dev/\_\_/auth/handler
Reply URL (Assertion Consumer Service URL): https://auth.lovable.dev/\_\_/auth/handler

User Attributes & Claims

Ensure:

email → user.mail or user.userprincipalname
display_name → user.displayname

Users and groups

Assign users/groups who should have access.

SAML Signing Certificate

Use default signing unless your policy requires otherwise. Download metadata if needed.

Reference

ACS URL: https://auth.lovable.dev/\_\_/auth/handler
Entity ID: https://auth.lovable.dev/\_\_/auth/handler
Required attributes: email, display_name

Troubleshooting

Reply URL mismatch

Ensure the Reply URL exactly matches https://auth.lovable.dev/\_\_/auth/handler.

Email claim missing

Map email to user.mail or user.userprincipalname if mail is empty.

​Prerequisites

​Configure in Entra ID

​Reference

​Troubleshooting

Prerequisites

Configure in Entra ID

Reference

Troubleshooting