Configure Single Sign-on with Azure Active Directory
To configure Azure with SEKOIA.IO, complete the following steps:
- Create a new application on Azure
- Connect to SEKOIA.IO, add a new domain that belongs to your community and wait for its validation
- Configure OpenID Connect in SEKOIA.IO (see associated documentation Single Sign-On With OpenID Connect)
Create an Azure Active Directory app registration
- Visit "Azure Active Directory" > "Manage" > "App Registrations"
- Use the "+ New registration" button to start the creation
- Choose a name and input the redirect URI: https://app.sekoia.io/user/callback
- Click on "Register"
Configure the registration
- On the main page, save the "Application (client) ID" for later use
- On the main page, in "Endpoints", copy your "OAuth 2.0 authorization endpoint" and remove the /oauth2/v2.0/authorize suffix from the URL, so that it looks like https://login.microsoftonline.com/<YOUR TENANT ID>/
- Under "Certificates and secrets > Client secrets" use the "+ New client secret" button to create a secret. Save this secret for later use.
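The saved values can be checked before they are entered in SEKOIA.IO. The following is an added example, not part of the SEKOIA.IO documentation: it trims the copied authorization endpoint as described above and rejects values that would point the OpenID Connect configuration at the wrong place. The function names, the check against the public-cloud host shown on this page and the sample GUIDs are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

AUTHORIZE_SUFFIX = "/oauth2/v2.0/authorize"           # suffix this page says to remove
REDIRECT_URI = "https://app.sekoia.io/user/callback"  # redirect URI given on this page
LOGIN_HOST = "login.microsoftonline.com"              # assumption: public-cloud host only
GUID_RE = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")


def base_endpoint(copied_url: str) -> str:
    """Return https://login.microsoftonline.com/<tenant>/ from the copied endpoint."""
    parts = urlsplit(copied_url.strip())
    if parts.scheme != "https":
        raise ValueError("endpoint must use https")
    if parts.hostname != LOGIN_HOST:  # also catches user@host and look-alike hosts
        raise ValueError(f"unexpected host: {parts.hostname!r}")
    if parts.query or parts.fragment:
        raise ValueError("endpoint must not carry a query string or fragment")
    path = parts.path.rstrip("/")
    if path.endswith(AUTHORIZE_SUFFIX):
        path = path[: -len(AUTHORIZE_SUFFIX)]
    tenant = path.strip("/")
    if not tenant or "/" in tenant:
        raise ValueError("expected exactly one path segment (the tenant ID)")
    return f"https://{LOGIN_HOST}/{tenant}/"


def check_settings(client_id: str, client_secret: str, copied_url: str) -> dict:
    """Validate the saved values; the secret is checked but never returned."""
    if not GUID_RE.match(client_id.strip()):
        raise ValueError("Application (client) ID should be a GUID")
    if not client_secret or client_secret != client_secret.strip():
        raise ValueError("client secret is empty or has stray whitespace")
    return {
        "client_id": client_id.strip().lower(),
        "endpoint": base_endpoint(copied_url),
        "redirect_uri": REDIRECT_URI,
    }


if __name__ == "__main__":
    # Constructed sample values, not real identifiers.
    tenant = "11111111-2222-3333-4444-555555555555"
    copied = f"https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize"
    print(check_settings("AAAAAAAA-bbbb-cccc-dddd-eeeeeeeeeeee", "constructed-secret", copied))
```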
Restrict access for SEKOIA.IO to specific users
Azure Active Directory can be configured to prevent some users from accessing SEKOIA.IO.
- In "Azure Active Directory" > "Enterprise applications": select your application
- In "Application | Overview" > "Getting Started", use "1. Assign users and groups"
You are now ready to enter your configuration in SEKOIA.IO.