Azure AD as IdP
This section describes the steps to configure SSO for DuploCloud using Azure AD as IDP.
1. App Registration
2. Secret Creation
3. Assign API Permissions
As AD Administrator, login to your Azure AD Portal.
- 1.Browse to Manage->App Registrations->New registration
App Registration 1
- 1.Set the name of application, example: duplo-app1
- 2.In Supported account types: Select “Accounts in any organizational directory (Any Azure AD directory - Multitenant)”
- 3.In Redirect URI (optional): Select Web and add DuploCloud URL as below. Make sure to replace company with your company's DuploCloud deployment
- 1.Click on Register.
- 2.Note down the Application (Client) ID. example: 8a6acf76-555e-4782-a8a4-abcd283d889d
1. Click on Manage: Certification & Secrets.
2. In the Client Secret Tab, click on ‘New Client Secret’
3. In Add a client Secret window, enter ‘Description’ and select 12 months for ‘Expires’ duration.
4. Note down the ‘Value’ shown in the client secrets tab. example: hFFC8Q~z.bHooBGcwftnh2LRgp53M62XJdLIrXxyz
- 1.Click on Manage: Add Permissions
2. Select Microsoft Graph & Delegated Permissions
3. Select: User.Read(if not present), openid, email and profile. Click on Add permissions
4. Click on the Grant admin consent for Default Directory and select “Yes”.
Give details of Application ID and Client Secret to DuploCloud to integrate Login Authentication with your Azure AD.