Veeam Cookbook
The Veeam Cookbook Series
A simple step by step no frills approach to achieving your goal
Recipe: Configuring SAML 2.0 Single Sign-On
Expected deliverables:
Veeam Backup & Replication configured to authenticate users through an external identity provider using SAML 2.0 single sign-on.
Time to complete: 15 minutes
Ingredients:
- A working Veeam Backup & Replication V13 server.
- An identity provider (IdP) that supports SAML 2.0 (for example, Microsoft Entra ID).
- The IdP metadata file (or the IdP settings: sign-on URL, entity ID and signing certificate).
Before you start:
Register Veeam Backup & Replication as an application in your identity provider and obtain its SAML metadata.
Assumptions:
You have administrator access to both Veeam Backup & Replication and the identity provider.
Method:
- Get the XML metadata file from your identity provider.
- In the Veeam console, from the main menu select Users & Roles.
- Select the Identity Provider tab.
- Select the Enable SAML authentication check box.
- In the Identity provider (IdP) information section, click Browse and select the IdP metadata file.
- In the Service Provider (SP) information section, click Install and select or import a valid Veeam Backup & Replication server certificate.
- Click Download to get the Veeam (service provider) metadata XML file, then provide it to your identity provider.
- Click OK to save.
- On the Security tab, click Add > External user or group to add each external user or group and assign a Veeam role.
- Test the sign-on: on the Web UI or console sign-in page, click Sign in with SSO.
Links to Resources: