Azure Active Directory

To set up single sign-on through Azure Active Directory, go to the Azure portal.

Step 1: Access the resource on Azure

  1. Sign in to the Azure portal.
  2. If you have access to multiple tenants, use the Directories + subscriptions filter in the top menu to switch to the tenant for which you want to register the application.
  3. Search for and select Azure Active Directory.
  4. On the Overview page, copy the Tenant ID; you will need it later.

Step 2: Register the cluster client

  1. Go back to the Azure Active Directory resource.
  2. Under Manage, select App registrations > New registration.
  3. For the Name field, enter a name for your cluster client.
  4. Select Register to save.
  5. Under Overview, copy the Application (client) ID; you will need it later.
  6. Under Manage, select Authentication.
  7. Select Add a platform.
  8. Select Web.
  9. For the Redirect URIs field, enter the URL of the cluster, for example https://localhost/neos/Northwind/signin-oidc.
  10. Select Configure to save.
  11. Select Save to save.
  12. Under Manage, select Certificates & secrets and select the Client secrets tab.
  13. Select New client secret.
  14. Enter the description you want and select an expiration time.
  15. Select Add to save.
  16. Copy the value of the client secret and keep it somewhere safe; you will need it later.

Step 3: Configure the authentication in the cluster configuration

In the cluster configuration file, fill in the following configuration, replacing the placeholders in square brackets:

Authentication:
  Preset: AzureAD
  Authority: https://login.microsoftonline.com/[TENANT_ID]/v2.0
  ClientId: [CLIENT_ID]
  ClientSecret: [CLIENT_SECRET]

Replace:

  • [TENANT_ID] with the Directory (tenant) ID.
  • [CLIENT_ID] with the Application (client) ID of the cluster resource.
  • [CLIENT_SECRET] with the Client secret of the cluster resource.
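
An added example, not part of the product's own tooling: a small Python check that reads the Authentication block from Step 3 and reports unreplaced placeholders, an Authority that does not match the format shown above, and a ClientSecret that is GUID-shaped (which usually means the Secret ID column was copied instead of the Value). The function names and sample values are constructed for illustration, and the parser assumes only the simple indented key/value layout shown above.

```python
import re

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
AUTHORITY = re.compile(r"^https://login\.microsoftonline\.com/([^/]+)/v2\.0$")
PLACEHOLDER = re.compile(r"\[[A-Z_]+\]")  # e.g. [TENANT_ID] left in the file

# Constructed sample: tenant placeholder left in, Secret ID pasted as the secret.
SAMPLE = """\
Authentication:
  Preset: AzureAD
  Authority: https://login.microsoftonline.com/[TENANT_ID]/v2.0
  ClientId: 11111111-2222-3333-4444-555555555555
  ClientSecret: 99999999-8888-7777-6666-555555555555
"""

def parse_auth_block(text):
    """Collect the indented 'Key: value' lines under 'Authentication:'."""
    settings, inside = {}, False
    for line in filter(str.strip, text.splitlines()):  # skip blank lines
        if not line[0].isspace():
            inside = line.strip() == "Authentication:"
        elif inside:
            key, _, value = line.strip().partition(":")  # split at first colon only
            settings[key.strip()] = value.strip()
    return settings

def check_auth(settings):
    """Return a list of problems; an empty list means the block looks sane."""
    problems, ok = [], {}
    for key in ("Preset", "Authority", "ClientId", "ClientSecret"):
        value = settings.get(key, "")
        if not value:
            problems.append(f"{key}: missing")
        elif PLACEHOLDER.search(value):
            problems.append(f"{key}: placeholder not replaced")
        else:
            ok[key] = value  # only fully filled-in values get format checks
    if "Preset" in ok and ok["Preset"] != "AzureAD":
        problems.append("Preset: expected AzureAD")
    m = AUTHORITY.match(ok.get("Authority", ""))
    if "Authority" in ok and not (m and GUID.match(m.group(1))):
        problems.append("Authority: expected https://login.microsoftonline.com/<tenant GUID>/v2.0")
    if "ClientId" in ok and not GUID.match(ok["ClientId"]):
        problems.append("ClientId: not a GUID")
    if "ClientSecret" in ok and GUID.match(ok["ClientSecret"]):
        problems.append("ClientSecret: GUID-shaped, likely the Secret ID rather than the Value")
    return problems

if __name__ == "__main__":
    print(check_auth(parse_auth_block(SAMPLE)))
```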