Azure SSO Configuration

Configure Single Sign-On for Azure using the Application Deployment Portal

PreviousSSO Configuration NextOkta Identity Management

Last updated 19 hours ago

Was this helpful?

In the Azure AD Portal, navigate to Manage -> App Registrations. The App registrations page displays.

Click New registration. The Register an application page displays.

Enter a Name for the application, for example, duplo-app1.

In the Supported account types area, select Accounts in any organizational directory (Any Azure AD directory - Multitenant).

In the Redirect UTI field, select Web and type the DuploCloud URL https://PORTAL_DNS_NAME/app/signin-microsoft updating PORTAL_DNS_NAME to match your DuploCloud portal. For example: https://duplo.cloud.mycompany.com/app/signin-microsoft

Click Register.

Note the Application (Client) ID for future reference; for example, 8a6acf76-555e-4782-a8a4-abcd283d889d.

Create a secret for authentication.

In the Azure AD Portal, navigate to Manage -> Certificates & secrets.

In the Client Secret tab, click New Client Secret.

In the Add a client secret window, enter a Description for the secret.

In the Expires list box, select 12 months for the expiration duration.

Note the Value displayed in the client secrets tab; for example, hFFC8Q~z.bHooBGcwftnh2LRgp53M62XJdLIrXxyz.

Step3: Assign API Permissions

In the Azure AD Portal, navigate to Manage -> API Permissions.

Click Microsoft Graph & Delegated Permissions. The Request API Permissions page displays.

On the Select permissions area of the Request API Permissions page, select openid, email, and profile. Add the User.Read permission if it is not present by entering User.Read in the search box and selecting it from the search results.

Click Add permissions.

In the Configured Permissions area of the Request API Permissions page, click Grant admin consent for Default Directory and confirm by clicking Yes.