Azure Sso Implementation Strategies | Restackio

admin

To configure Azure Active Directory (Azure AD) for Single Sign-On (SSO), follow these detailed steps to ensure a smooth integration process. This guide will provide you with the necessary configurations and best practices for Azure SSO implementation strategies.

Creating an Application

  1. Log into the Azure portal for your organization. Navigate to the Azure Active Directory page and select the appropriate directory.
  2. Under Manage, select App registrations.
  3. Click + New Registration to begin creating a new application.
  4. Fill in the configurations for the Name and Supported account types fields as shown in the table below:
Field Value
Name dbt Cloud
Supported account types Accounts in this organizational directory only (single tenant)
  1. Configure the Redirect URI. The table below shows the appropriate Redirect URI values for single-tenant and multi-tenant deployments. For most enterprise use-cases, you will want to use the single-tenant Redirect URI. Replace YOUR_AUTH0_URI with the appropriate Auth0 URI for your region and plan.
Application Type Redirect URI
Single-Tenant (recommended) https://YOUR_AUTH0_URI/login/callback
Multi-Tenant https://YOUR_AUTH0_URI/login/callback
  1. Save the App registration to continue setting up Azure AD SSO.

Register an Azure AD App

  1. Sign into your Azure portal and click Azure Active Directory under Azure services.
  2. Select App registrations in the left panel.
  3. Click New registration. The form for creating a new Active Directory app opens.
  4. Provide a name for your app. We recommend using, “dbt Labs Azure DevOps App”.
  5. Select Accounts in any organizational directory (Any Azure AD directory – Multitenant) as the Supported Account Types. This is crucial as Azure DevOps and Azure Active Directory are considered separate tenants.
  6. Add a redirect URI by selecting Web and entering https://YOUR_ACCESS_URL/complete/azure_active_directory, replacing YOUR_ACCESS_URL with the appropriate Access URL for your region and plan.
  7. Click Register.

!Navigating to the Azure AD app registrations

Here’s what your app should look like before registering it:

!Registering an Active Directory app

Azure Integration

If you’re using Azure Active Directory (Azure AD), the instructions above will help you configure it as your identity provider. Ensure that all configurations are verified against the official documentation to maintain accuracy and effectiveness in your SSO implementation.

Read more here: Source link