Azure AD as IdP

This section describes the steps to configure SSO for DuploCloud using Azure AD as the IdP.

Configuration Steps

1. App Registration
2. Secret Creation
3. Assign API Permissions

Step 1: App Registration

As an AD Administrator, log in to your Azure AD Portal.

1. Browse to Manage->App Registrations->New registration
2. Set the name of the application, example: duplo-app1
3. In Supported account types: Select “Accounts in any organizational directory (Any Azure AD directory - Multitenant)”
4. In Redirect URI: Select Web and add the DuploCloud URL as below. Make sure to replace company with your company's DuploCloud deployment
5. Click on Register.
6. Note down the Application (Client) ID. example: 8a6acf76-555e-4782-a8a4-abcd283d889d

Step 2: Secret Creation

1. Click on Manage: Certificates & Secrets.
2. In the Client Secret tab, click on ‘New Client Secret’.
3. In the Add a client secret window, enter a ‘Description’ and select 12 months for the ‘Expires’ duration.
4. Note down the ‘Value’ shown in the client secrets tab. example: hFFC8Q~z.bHooBGcwftnh2LRgp53M62XJdLIrXxyz

Step 3: Assign API Permissions

1. Click on Manage: Add Permissions
2. Select Microsoft Graph & Delegated Permissions
3. Select: User.Read (if not present), openid, email and profile. Click on Add permissions
4. Click on Grant admin consent for Default Directory and select “Yes”.

Setup Complete!

Provide the Application ID and Client Secret to DuploCloud to integrate login authentication with your Azure AD.
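To check a finished registration against Steps 1 to 3, the following added example (not part of the DuploCloud documentation) audits an application object in the JSON shape returned by `az ad app show --id <client-id>`. The sample object, the placeholder redirect URI, the function name and the 30-day expiry warning are assumptions made for illustration.

```python
from datetime import datetime, timezone

GRAPH = "00000003-0000-0000-c000-000000000000"  # Microsoft Graph resource app ID
# Microsoft Graph delegated-scope IDs for the permissions named in Step 3.
REQUIRED = {
    "e1fe6dd8-ba31-4d61-89e7-88639da4683d": "User.Read",
    "37f7f235-527c-4136-accd-4a02d197296e": "openid",
    "64a6cdd6-aab1-4aaf-94b8-3cc8405e90d0": "email",
    "14dbf918-b447-4bb5-bb40-0b5b7b7dd1c5": "profile",
}

def audit_registration(app, now, warn_days=30):
    """Compare an application object with Steps 1-3; return a list of findings."""
    findings = []
    if app.get("signInAudience") != "AzureADMultipleOrgs":
        findings.append("signInAudience is not multitenant (AzureADMultipleOrgs)")
    if not app.get("web", {}).get("redirectUris"):
        findings.append("no Web redirect URI configured")
    granted = {
        access["id"]
        for res in app.get("requiredResourceAccess", [])
        if res.get("resourceAppId") == GRAPH
        for access in res.get("resourceAccess", [])
        if access.get("type") == "Scope"  # "Scope" = delegated, "Role" = application
    }
    findings += [f"missing delegated permission {name}"
                 for sid, name in REQUIRED.items() if sid not in granted]
    secrets = app.get("passwordCredentials", [])
    if not secrets:
        findings.append("no client secret present")
    for cred in secrets:
        # Keep whole seconds only, so fractional seconds and "Z" both parse.
        end = datetime.strptime(cred["endDateTime"][:19], "%Y-%m-%dT%H:%M:%S")
        days_left = (end.replace(tzinfo=timezone.utc) - now).days
        if days_left < 0:
            findings.append(f"client secret expired {-days_left} days ago")
        elif days_left <= warn_days:
            findings.append(f"client secret expires in {days_left} days")
    return findings

# Constructed sample: single-tenant audience, no "profile" scope, secret near expiry.
SAMPLE = {
    "signInAudience": "AzureADMyOrg",
    "web": {"redirectUris": ["https://duplocloud.example.invalid/placeholder"]},
    "requiredResourceAccess": [{"resourceAppId": GRAPH, "resourceAccess": [
        {"id": sid, "type": "Scope"} for sid, n in REQUIRED.items() if n != "profile"]}],
    "passwordCredentials": [{"endDateTime": "2025-01-11T00:00:00Z"}],
}
```

An empty list means the registration matches the steps. The secret-expiry finding is the one to alert on, since login through Azure AD stops working once the 12-month secret lapses.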