  1. Couchbase Documentation
  2. DOC-12337

Revamp Entra (Azure AD) Capella SSO instructions to use the gallery application.


Details

    • Task
    • Resolution: Unresolved
    • Major
    • None
    • None
    • cloud

    Description

      The documented approach for setting up Entra as an IdP should be revamped now that Istvan has gotten an application into the Entra gallery. Using this is more convenient for customers, avoids some compliance concerns customers might have about manually creating applications, and will also avoid an issue with unexpected rotations of Microsoft-controlled certificates, which have repeatedly impacted some customers.

      For reference, here are instructions that were recently provided to a customer in a support ticket:

      1. Go to the SSO settings page for your tenant and hit 'Create Realm'. We will return to this after performing the initial configuration of the Enterprise Application in Entra.
      2. Open the Azure portal, go to Entra, then within Entra open the menu for 'Enterprise Applications' (not 'App Registrations'). Click on the 'New Application' button.
      3. Use the search bar to search the Entra gallery for 'Couchbase Capella'; there will be an entry 'Couchbase Capella - SSO'. Select this, and hit 'Create' in the flyout menu that appears (feel free to rename it to a convenient name of your choosing in the menu before hitting 'Create').
      4. You will be taken to the overview for the newly created application. From here, open the 'Single sign-on' settings (left side menu).
      5. Select 'SAML' as the sign-on method.
      6. Under 'SAML Signing Certificates' hit 'Edit' for the 'Token Signing Certificate'. In the flyout menu hit 'New Certificate' then 'Save'.
      7. In the same flyout menu, hit the three dots next to the new certificate (the row with status 'Inactive') and hit 'Make Certificate Active'. Hit 'Yes' if prompted for confirmation.
      8. Hit the three dots next to the now active new certificate, and select 'PEM Certificate Download'. Open the PEM file in a text editor and keep it on hand for the next steps.
      9. Take a copy of the 'Login URL' under 'Set up Couchbase Capella - SSO'.
      10. Go back to the Capella UI realm creation screen that was left earlier. Take the contents of the PEM that was downloaded earlier and paste it into the 'SAML Signing Certificate' box after stripping the first and last lines (-----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----).
      11. Copy the 'Login URL' picked up earlier into the 'Sign-in Endpoint URL' box.
      12. Leaving other options as the defaults, hit 'Create Realm'. This will take you to the SSO settings page for your organisation. Click on the name of the newly created realm to open its dedicated page.
      13. Take a note of the 'Entity ID' and the 'Callback URL' from this page.
      14. Go back to the single sign-on settings page for the Enterprise Application in the Azure portal. Click the 'Edit' button for 'Basic SAML Configuration'.
      15. Enter the 'Entity ID' in the 'Identifier' box, the 'Callback URL' in the 'Reply URL' box, and https://cloud.couchbase.com/enterprise-sso in the 'Sign on URL' box. Then hit 'Save'.
      16. Now go to the 'Users and Groups' settings (left side menu). Add any users or groups that require access to the Capella UI via SSO login.
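
The PEM handling in step 10 can be scripted so that a truncated paste or the wrong file is caught before the realm is created. This is an added example, not part of the ticket or any Couchbase tooling; the function name `capella_cert_body` and the sample data are hypothetical, and the sample is a constructed placeholder rather than a real certificate.

```python
import base64
import hashlib
import re

# Matches one PEM block of any label; tolerant of CRLF line endings.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.S)


def capella_cert_body(pem_text):
    """Return (body, sha256_hex) for the single certificate in pem_text.

    body is the base64 text with the BEGIN/END lines removed (step 10).
    """
    blocks = PEM_BLOCK.findall(pem_text)
    if len(blocks) != 1:
        raise ValueError(f"expected exactly one PEM block, found {len(blocks)}")
    label, b64 = blocks[0]
    if label != "CERTIFICATE":
        # e.g. a private key file opened by mistake must not be pasted anywhere
        raise ValueError(f"PEM block is {label!r}, not a certificate")
    body = "".join(b64.split())  # drop line breaks and stray whitespace
    try:
        der = base64.b64decode(body, validate=True)
    except ValueError as exc:
        raise ValueError("certificate body is not valid base64") from exc
    # Assumption: the outer ASN.1 SEQUENCE uses the two-byte long-form length
    # (0x30 0x82 hi lo), as typical X.509 certificates do; it must span the blob.
    if (len(der) < 4 or der[0] != 0x30 or der[1] != 0x82
            or int.from_bytes(der[2:4], "big") != len(der) - 4):
        raise ValueError("decoded data is not DER-shaped (truncated paste?)")
    return body, hashlib.sha256(der).hexdigest()


# Constructed sample: a DER-shaped placeholder, NOT a real certificate.
FAKE_DER = b"\x30\x82\x01\x0a" + bytes(range(256)) + bytes(10)
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\r\n"
              + base64.encodebytes(FAKE_DER).decode().replace("\n", "\r\n")
              + "-----END CERTIFICATE-----\r\n")

if __name__ == "__main__":
    body, fingerprint = capella_cert_body(SAMPLE_PEM)
    print(body[:32] + "...", fingerprint)
```

Keeping the SHA-256 value alongside the realm configuration gives a quick way to tell, after a later certificate change in Entra, whether the certificate configured in Capella is still the active one.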


            People

              daniel.nicholson Daniel Nicholson
              deacon.linkhorn Deacon Linkhorn