HomePlatformAsk DuploCloudPricing

Azure SSO Configuration

Configure Single Sign-On for Azure using the Application Deployment Portal

Configure SSO for DuploCloud using the Azure Application Deployment (AD) Portal as an Identity Provider (IDP). To configure Azure SSO, you must:

  • Register your application in the Azure AD Portal.

  • Create a secret for authentication.

  • Assign API Permissions.

Register your application in the Azure AD Portal

  1. Log in to the Azure AD Portal as an Administrator.

  2. In the Azure AD Portal, navigate to Manage -> App Registrations. The App registrations page displays.

    App Registrations page with New registration button

  3. Click New registration. The Register an application page displays.

  4. Enter a Name for the application, for example, duplo-app1.

    Register an Application page

  5. In the Supported account types area, select Accounts in any organizational directory (Any Azure AD directory - Multitenant).

  6. In the Redirect UTI field, select Web and type the DuploCloud URL https://PORTAL_DNS_NAME/app/signin-microsoft updating PORTAL_DNS_NAME to match your DuploCloud portal. For example: https://duplo.cloud.mycompany.com/app/signin-microsoft

  7. Click Register.

Note the Application (Client) ID for future reference; for example, 8a6acf76-555e-4782-a8a4-abcd283d889d.

Create a secret for authentication.

  1. In the Azure AD Portal, navigate to Manage -> Certificates & secrets.

    Manage section in navigation pane of Azure AD Portal with Certificates & secrets option

  2. In the Client Secret tab, click New Client Secret.

  3. In the Add a client secret window, enter a Description for the secret.

  4. In the Expires list box, select 12 months for the expiration duration.

    Add a client secret window

Note the Value displayed in the client secrets tab; for example, hFFC8Q~z.bHooBGcwftnh2LRgp53M62XJdLIrXxyz.

Client secrets tab with secret Value displayed

Step3: Assign API Permissions

  1. In the Azure AD Portal, navigate to Manage -> API Permissions.

    Manage section in navigation pane of Azure AD Portal with API Permissions option

  2. Click Microsoft Graph & Delegated Permissions. The Request API Permissions page displays.

  3. On the Select permissions area of the Request API Permissions page, select openid, email, and profile. Add the User.Read permission if it is not present by entering User.Read in the search box and selecting it from the search results.

    Request API Permissions page with Select permissions area

  4. Click Add permissions.

  5. In the Configured Permissions area of the Request API Permissions page, click Grant admin consent for Default Directory and confirm by clicking Yes.

    Configured permissions area of Request API Permissions page

Next Steps

When setup is complete, supply the Application ID and Client Secret to DuploCloud to integrate Login Authentication with your Azure AD.

PreviousSSO ConfigurationNextOkta Identity Management

Last updated

Was this helpful?