Has anyone here implemented Azure SSO for an accou...
# general
j
Has anyone here implemented Azure SSO for an account across multiple environments (prod plus sandboxes)?
j
Just had this convo last week if it helps at all...
[8:13 AM] Hi, has anyone Azure AD SAML for multiple accounts (Production, SandBox, Release Preview…)
f*lynn* [9:59 PM] Last company I worked for that had Azure - when we refreshed a SB, when refresh was completed we had to remove IDP file from all environments and then just re-add the IDP to each. Not sure why / but it worked....
Z*oran R-DATAGRAM* [6:00 AM] Thank you @Jay Flynn09 for your answer … The NetSuite documentation is …. at least poor … Our first attempt was exactly the same as you described … but … Azure SSO was created and used since 2017 but only in Production environment … No issues at all… But there is a bomb in Azure NetSuite SSO integration tutorial. There is an instruction to add “account” field in user Claim … huh, after a few hours, we almost gave up … No errors in setup, no warnings … and at the end we found WARNING information in NetSuite HELP pages > if you want to share the same metadata and ID provider you MUST OMIT account from the response
j
Is the omission of the account something that’s done on the Azure side? I’m just responsible for setting things up on the NetSuite end. I am working with a guy in our Azure team who I provided the sp.xml file to, and he is trying to provide me back with a file that I upload in the part lower on the setup page in NS.
j
I believe yes, on the Azure side (claim).
You should get back an XML file to upload as IDP.
m
Until recently we had Azure SSO only in production; we recently added it to sandboxes. All we needed to do was download the IDP metadata file from our prod account and upload it to each sandbox.
When we refresh a sandbox we just need to add the IDP file back to the fresh sandbox. There is no need to remove it from the other environments.
j
Yeah I think our IDP file was generated with an account ID embedded, trying to get our guys to remove that.