Azure Active Directory
To set up a single sign-on through Azure Active Directory, go to the Azure portal.
Step 1 : Access the resource on Azure
- Sign in to the Azure portal.
- If you have access to multiple tenants, use the Directories + subscriptions filter in the top menu to switch to the tenant for which you want to register the application.
- Search for and select Azure Active Directory.
- On the Overview page, copy the Tenant ID somewhere, you will need it later.
Step 2 : Register the cluster client
- Go back to the Azure Active Directory resource.
- Under Manage, select App registrations > New registration.
- For the Name field, enter a name for your cluster client.
- Select Register to save.
- Under Overview, copy the Application (client) ID somewhere, you will need it later.
- Under Manage, select Authentication.
- Select Add a platform.
- Select Web.
- For the Redirect URIs field, enter the URL of the cluster, for example https://localhost/neos/Northwind/signin-oidc.
- Select Configure to save.
- Select Save to save.
- Under Manage, select Certificates & secrets and select the Client secrets tab.
- Select New client secret.
- Enter the description you want and select an expiration time.
- Select Add to save.
- Copy the value of the client secret somewhere, you will need it later.
Step 3 : Configure the authentication in the cluster configuration
In the cluster configuration file, you will have to fill in the following configuration by replacing the corresponding tags:
Authentication:
  Preset: AzureAD
  Authority: https://login.microsoftonline.com/[TENANT_ID]/v2.0
  ClientId: [CLIENT_ID]
  ClientSecret: [CLIENT_SECRET]
Replace:
- [TENANT_ID] with the Directory (tenant) ID.
- [CLIENT_ID] with the Application (client) ID of the cluster resource.
- [CLIENT_SECRET] with the Client secret of the cluster resource.
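A pre-deployment check for the Authentication block above, added here as an example and not part of the product or its documentation: it flags placeholders that were never replaced, an Authority that does not follow the pattern shown, and a ClientSecret that is GUID-shaped, which usually means the Secret ID column was copied from the portal instead of the secret Value. The function names, the assumption that the keys are indented under Authentication, and the sample values are constructed for illustration.

```python
import re

GUID = r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}"
AUTHORITY = re.compile(r"https://login\.microsoftonline\.com/" + GUID + r"/v2\.0")

def parse_authentication(text):
    """Collect the 'Key: value' pairs indented under 'Authentication:'."""
    settings, inside = {}, False
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if not raw[0].isspace():               # a top-level key starts or ends the block
            inside = raw.strip() == "Authentication:"
        elif inside:
            key, _, value = raw.strip().partition(":")
            settings[key.strip()] = value.strip()
    return settings

def check_authentication(text):
    """Return a list of problems; an empty list means the block looks complete."""
    settings, problems = parse_authentication(text), []

    def usable(key):
        value = settings.get(key, "")
        if not value:
            problems.append(f"{key}: missing")
        elif re.search(r"\[[A-Z_]+\]", value):  # e.g. [TENANT_ID] left in place
            problems.append(f"{key}: placeholder not replaced")
        else:
            return value
        return None

    preset = usable("Preset")
    if preset and preset != "AzureAD":
        problems.append("Preset: expected AzureAD")
    authority = usable("Authority")
    if authority and not AUTHORITY.fullmatch(authority):
        problems.append("Authority: expected https://login.microsoftonline.com/<tenant GUID>/v2.0")
    client_id = usable("ClientId")
    if client_id and not re.fullmatch(GUID, client_id):
        problems.append("ClientId: not a GUID")
    secret = usable("ClientSecret")
    if secret and re.fullmatch(GUID, secret):
        problems.append("ClientSecret: GUID-shaped, likely the Secret ID rather than the secret Value")
    return problems

# Constructed sample: tenant placeholder left in, Secret ID pasted as the secret.
SAMPLE = """Authentication:
  Preset: AzureAD
  Authority: https://login.microsoftonline.com/[TENANT_ID]/v2.0
  ClientId: 11111111-2222-3333-4444-555555555555
  ClientSecret: aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
"""
```

Running `check_authentication` on the cluster configuration file's text before starting the cluster catches these mistakes without ever sending the secret anywhere.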