Azure SSO Configuration
Configure Single Sign-On for Azure using the Application Deployment Portal
Configure SSO for DuploCloud using the Azure Application Deployment (AD) Portal as an Identity Provider (IDP). To configure Azure SSO, you must:
Register your application in the Azure AD Portal.
Create a secret for authentication.
Assign API Permissions.
Register your application in the Azure AD Portal
Log in to the Azure AD Portal as an Administrator.
In the Azure AD Portal, navigate to Manage -> App Registrations. The App registrations page displays.
App Registrations page with New registration button Click New registration. The Register an application page displays.
Enter a Name for the application, for example, duplo-app1.
Register an Application page In the Supported account types area, select Accounts in any organizational directory (Any Azure AD directory - Multitenant).
In the Redirect UTI field, select Web and type the DuploCloud URL
https://PORTAL_DNS_NAME/app/signin-microsoft
updatingPORTAL_DNS_NAME
to match your DuploCloud portal. For example:https://duplo.cloud.mycompany.com/app/signin-microsoft
Click Register.
Note the Application (Client) ID for future reference; for example, 8a6acf76-555e-4782-a8a4-abcd283d889d.
Create a secret for authentication.
In the Azure AD Portal, navigate to Manage -> Certificates & secrets.
Manage section in navigation pane of Azure AD Portal with Certificates & secrets option In the Client Secret tab, click New Client Secret.
In the Add a client secret window, enter a Description for the secret.
In the Expires list box, select 12 months for the expiration duration.
Add a client secret window
Note the Value displayed in the client secrets tab; for example, hFFC8Q~z.bHooBGcwftnh2LRgp53M62XJdLIrXxyz.

Step3: Assign API Permissions
In the Azure AD Portal, navigate to Manage -> API Permissions.
Manage section in navigation pane of Azure AD Portal with API Permissions option Click Microsoft Graph & Delegated Permissions. The Request API Permissions page displays.
On the Select permissions area of the Request API Permissions page, select openid, email, and profile. Add the User.Read permission if it is not present by entering User.Read in the search box and selecting it from the search results.
Request API Permissions page with Select permissions area Click Add permissions.
In the Configured Permissions area of the Request API Permissions page, click Grant admin consent for Default Directory and confirm by clicking Yes.
Configured permissions area of Request API Permissions page
Next Steps
When setup is complete, supply the Application ID and Client Secret to DuploCloud to integrate Login Authentication with your Azure AD.
Last updated
Was this helpful?