Anyone have any experience implementing SAML with ...
# administration
a
Anyone have any experience implementing SAML with Microsoft Azure AD and NetSuite? Looking to get some feedback on whether this impacted your account in any negative way.
s
MS Azure AD is one of the easiest ones to configure for SAML. Way easier than MS ADFS. I like the option of the Azure AD's your app page/listing - makes life easier for the user. I have used ADFS, Okta and OneLogin also, but found Azure the easiest (at least for me).
a
Have you noticed any issues with any existing integrations or issues with NetSuite users not part of the Azure tenant, like 3rd party consultants?
p
We use MS Azure AD SAML. Easy config. No issues.
u
We use it and assign it to each role.
I have no complaints.
One issue though I will point out is with 3rd party users.
s
3rd party users who are not AD users cannot have SAML access, since AD is the identity provider.
u
Since it's role based and if they are not under your Azure tenant they are only allowed to use the admin role.
p
Ah yes, copy the Role(s) for the non AD users and make it non SSO
u
Agree ^
s
Solution: add or give the 3rd party user to your AD. If they are already Office365 users at their organization then you might be able to give them guest access. The other option is to give them regular password-based access using the roles without SAML enabled (in setup). Note: if you are giving them Admin access then SAML is not available anyway, by design.
a
Got it. Ty guys
u
Also, this stops your end users from reaching out to you about them forgetting their passwords lol
p
Main reasons we didn’t were (1) security (2) remove password resets!
a
I guess my main concern is we have a new infrastructure engineer who knows nothing about NetSuite and wants to set this up. The NetSuite admins do not have admin access to the Azure AD.