nerdexam
Microsoft

AZ-400 · Question #326

Drag and Drop Question You have a GitHub organization named org1 and an Azure tenant named Tenant1. You need to enable single sign-on (SSO) in Azure Active Directory (Azure AD) for the users in org1.

The correct answer is https://github.com/orgs/org1; https://github.com/orgs/org1/saml/consume; https://github.com/orgs/org1/sso. For GitHub SAML SSO configuration in Azure AD, the three required URIs map to specific SAML fields: the Identifier (Entity ID) uses 'https://github.com/orgs/org1' to uniquely identify the service provider, the Reply URL (Assertion Consumer Service URL) uses 'https://github.com/or

Submitted by devops_kid· Mar 6, 2026Implement and manage identity and access - specifically configuring federated identity and SAML-based single sign-on between Azure AD and third-party platforms such as GitHub.

Question

Drag and Drop Question You have a GitHub organization named org1 and an Azure tenant named Tenant1. You need to enable single sign-on (SSO) in Azure Active Directory (Azure AD) for the users in org1. Which URIs should you use for the SAML configuration in Azure AD? To answer, drag the appropriate URIs to the correct settings. Each URI may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point. Answer:

Exhibit

AZ-400 question #326 exhibit

Answer Area

Drag items

https://github.com/orgs/org1https://github.com/orgs/org1/ssohttps://login.microsoftonline.com/tenant1https://github.com/orgs/org1/saml/consumehttps://login.microsoftonline.com/tenant1.com

Correct arrangement

Explanation

For GitHub SAML SSO configuration in Azure AD, the three required URIs map to specific SAML fields: the Identifier (Entity ID) uses 'https://github.com/orgs/org1' to uniquely identify the service provider, the Reply URL (Assertion Consumer Service URL) uses 'https://github.com/orgs/org1/saml/consume' as the endpoint where GitHub receives and processes the SAML assertion from Azure AD, and the Sign-on URL uses 'https://github.com/orgs/org1/sso' as the URL users visit to initiate the SSO login flow. These are GitHub-defined endpoints specific to organizational SAML SSO and are well-documented in GitHub's SSO setup guide.

Topics

#SAML SSO#GitHub Organizations#Azure Active Directory#Enterprise Application Integration

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice