Kimai SAML Configuration for Azure

Kimai is an open-source time-tracking app that you can self-host to track the time spent on your projects. Its documentation covers single sign-on via SAML, but the example it gives is for Google. In theory it also works with Azure, but working that out is left to exploration.

By following the configuration in the documentation, you are likely to encounter this error:

Failed creating or hydrating user "xxxxxx": Missing user attribute: Email

This is because the SAML claims Azure sends are different from Google's.

The available attributes are listed below. So, for example, instead of $Email in the mapping configuration, you may need to use $http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

SAML Field                                                          Field Name
http://schemas.microsoft.com/identity/claims/tenantid
http://schemas.microsoft.com/identity/claims/objectidentifier       Object ID in Azure
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name          UPN
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname       Last Name
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname     First Name
http://schemas.microsoft.com/identity/claims/displayname            Display Name
http://schemas.microsoft.com/identity/claims/identityprovider
http://schemas.microsoft.com/claims/authnmethodsreferences
sessionIndex
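The following Kimai local.yaml fragment is an added example, not from the original post or from the Kimai documentation. It maps the Azure claims from the table above to Kimai's email and alias fields, and requires signed assertions and strict validation so that the identity provider's signature, not only the claim names, is checked before a user is created. The tenant ID, certificate and hostnames are placeholders; the Azure entity ID and sign-on URL patterns are the standard ones for an Azure AD enterprise application.

```yaml
# config/packages/local.yaml (Kimai): Azure AD claim mapping.
# Added example, not code from the Kimai project or the original post.
# Every value marked PLACEHOLDER is assumed and must be replaced.
kimai:
    saml:
        activate: true
        title: Login with Azure AD
        mapping:
            # Kimai requires an email attribute; Azure delivers the UPN in the "name" claim.
            - { saml: $http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name, kimai: email }
            # Build the display alias from the givenname and surname claims.
            - { saml: $http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname $http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname, kimai: alias }
        connection:
            # The identity provider (Azure AD tenant).
            idp:
                entityId: 'https://sts.windows.net/PLACEHOLDER-TENANT-ID/'
                singleSignOnService:
                    url: 'https://login.microsoftonline.com/PLACEHOLDER-TENANT-ID/saml2'
                    binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
                # Signing certificate from the Azure app's federation metadata (base64 DER, one line).
                x509cert: 'PLACEHOLDER-IDP-SIGNING-CERTIFICATE'
            # The service provider (this Kimai installation).
            sp:
                entityId: 'https://kimai.example.com/'
                assertionConsumerService:
                    url: 'https://kimai.example.com/auth/saml/acs'
                    binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'
            baseurl: 'https://kimai.example.com/auth/saml/'
            # Strict mode rejects responses whose destination, issuer or timing do not match.
            strict: true
            debug: false
            security:
                # Refuse assertions that are not signed with the certificate configured above.
                wantAssertionsSigned: true
                wantXMLValidation: true
```

The "Missing user attribute: Email" error is raised when the mapping references a claim name that is not present in the assertion, so if it persists after this change, compare the claim names in the Azure enterprise application's attribute configuration against the $-prefixed names in the mapping. Keep debug off in production and take the x509cert value from Azure's federation metadata rather than from an unverified copy, so that assertions signed with a different key are rejected.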
