diff --git a/docs/deploying_clearml/enterprise_deploy/sso_saml_k8s.md b/docs/deploying_clearml/enterprise_deploy/sso_saml_k8s.md
new file mode 100644
index 00000000..186bf345
--- /dev/null
+++ b/docs/deploying_clearml/enterprise_deploy/sso_saml_k8s.md
@@ -0,0 +1,60 @@
+---
+title: Microsoft AD SAML
+---
+
+This document describes the configuration required for connecting a ClearML Kubernetes server to allow authenticating
+users with Microsoft AD using SAML.
+
+Configuration requires two steps:
+* Configuration of the application in the active directory
+* Configuration in the ClearML server side
+
+## Active Directory Configuration
+1. Register the ClearML app with the callback url: `/callback_microsoft_ad`
+1. Make sure that SSO binding is set to HTTP-Redirect
+1. Make sure that the following user claims are returned to the ClearML app:
+
+ ```
+ emailaddress - user.mail
+ displayname - user.displayname
+ Unique user identifier - user.principalname
+ ```
+
+1. Generate the IdP metadata file and save the file and entity ID
+
+## ClearML Server Side Configuration
+The following should be configured in the override file:
+
+```
+apiserver:
+ additionalConfigs:
+ metadata.xml: |
+
+
+
+ test
+
+
+ extraEnvs:
+ - name: "ALLEGRO__secure__login__sso__saml_client__microsoft_ad__entity_id"
+ value: ""
+ - name: "ALLEGRO__secure__login__sso__saml_client__microsoft_ad__idp_metadata_file"
+ value: "/opt/clearml/config/default/metadata.xml"
+ - name: "ALLEGRO__secure__login__sso__saml_client__microsoft_ad__default_company"
+ value: ""
+ - name: "CLEARML__services__login__sso__saml_client__microsoft_ad__claims__object_id"
+ value: "http://schemas.microsoft.com/identity/claims/objectidentifier"
+ - name: "CLEARML__services__login__sso__saml_client__microsoft_ad__claims__name"
+ value: "http://schemas.microsoft.com/identity/claims/displayname"
+ - name: "CLEARML__services__login__sso__saml_client__microsoft_ad__claims__email"
+ value: "emailAddress"
+ - name: "CLEARML__services__login__sso__saml_client__microsoft_ad__claims__given_name"
+ value: "givenName"
+ - name: "CLEARML__services__login__sso__saml_client__microsoft_ad__claims__surname"
+ value: "surname"
+ - name: "CLEARML__services__login__sso__saml_client__microsoft_ad__claims__email"
+ value: "emailAddress"
+ - name: "CLEARML__services__login__sso__saml_client__microsoft_ad__claims__email"
+ value: "emailAddress"
+```
+
diff --git a/sidebars.js b/sidebars.js
index befe60af..29c4e5a4 100644
--- a/sidebars.js
+++ b/sidebars.js
@@ -706,5 +706,10 @@ module.exports = {
 'deploying_clearml/enterprise_deploy/app_custom',
 ]
 },
+ {
+ 'SSO': [
+ 'deploying_clearml/enterprise_deploy/sso_saml_k8s',
+ ]
+ },
 ]
 };