AAD SSO Enterprise azuread provider

I’m trying to automate this process using Terraform.

I didn’t find a way to create an enterprise application with Terraform’s azuread provider.

I am looking to create the enterprise application with the goal of using Terraform to set up AAD SSO on TFE with SAML.

From what I saw I think the AAD provider might be missing the Enterprise application + SSO capability.


This has also blocked me on some HashiCorp work for a high-profile customer.

Business case was moving to managing Vault’s various integrations “as code” to allow self-service for users of Vault Namespaces in a massive, complex environment.

Whilst we are working on improving the AzureAD provider to support more resources and configurations, at this time SAML settings for Enterprise Applications are not publicly exposed via API, and so the only way to configure this is using the Azure Portal.

@manicminer is there anything in your roadmap for this?

It is on our roadmap, but as mentioned we’re blocked until there’s an API available.