Setting up authentication with Azure AD
The following guide will assist you in configuring your application to use Azure Active Directory for authentication.
Log in to the Azure portal with administrative credentials, select All services, and then select Azure Active Directory
Select App registrations and click New application registration
Enter Lithnet Access Manager or another suitable application name, and select Accounts in this organizational directory only (Lithnet only - Single tenant) as the supported account type
In the redirect URI field, enter the base URL where your Access Manager web app is hosted followed by /auth (e.g. https://accessmanager.lithnet.local/auth)
Click Register
Take note of the Application ID value; this is our OpenID Connect client ID
From the left-hand menu, click Authentication. Set the Logout URL to be the same as your base URL, with /auth/logout appended to it (e.g. https://accessmanager.lithnet.local/auth/logout)
Save the settings
From the API permissions page, use the grant admin consent option to prevent users from being prompted for their consent when logging into the app.
From the Certificates and secrets page, click new client secret, give your secret a name, and then take note of the value provided.
Open the Lithnet Access Manager Service Configuration Tool
Select the App configuration\User Authentication page
Select Open ID Connect as the authentication provider
Use the application id obtained from the Azure AD setup process as the client ID value
Specify the client secret obtained from the Azure AD setup process.
Set the authority as appropriate for your tenant (e.g. for lithnet.io it would be https://login.microsoftonline.com/lithnet.io)
For further security, you can set up a conditional access policy to require multifactor authentication for the app
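
The values entered in the steps above have to agree with each other: the redirect URI and logout URL are derived from the same base URL, and a single-tenant registration needs a tenant-specific authority. The following pre-flight check is an added example, not part of Lithnet Access Manager or the original guide; the function names are hypothetical, and it assumes the global Azure sign-in host used in the guide's authority example.

```python
from urllib.parse import urlsplit

# Assumption: global Azure cloud sign-in host, as in the guide's authority example.
AAD_HOST = "login.microsoftonline.com"
# Shared endpoints that are not tied to one tenant.
SHARED_ENDPOINTS = {"common", "organizations", "consumers"}


def expected_urls(base_url):
    """Derive the redirect URI and logout URL the guide asks for."""
    base = base_url.rstrip("/")
    return base + "/auth", base + "/auth/logout"


def check_settings(base_url, redirect_uri, logout_url, authority):
    """Return a list of findings; an empty list means the values agree."""
    findings = []
    values = {"base URL": base_url, "redirect URI": redirect_uri,
              "logout URL": logout_url, "authority": authority}
    for name, value in values.items():
        if urlsplit(value).scheme != "https":
            findings.append(f"{name} is not https: {value}")

    want_redirect, want_logout = expected_urls(base_url)
    # The registered redirect URI has to match what the app sends, so a
    # trailing slash or a different path counts as a mismatch.
    if redirect_uri != want_redirect:
        findings.append(f"redirect URI should be {want_redirect}")
    if logout_url != want_logout:
        findings.append(f"logout URL should be {want_logout}")

    auth = urlsplit(authority)
    tenant = auth.path.strip("/")
    if auth.hostname != AAD_HOST:
        findings.append(f"authority host is not {AAD_HOST}")
    if not tenant or "/" in tenant:
        findings.append("authority must end in exactly one tenant segment")
    elif tenant.lower() in SHARED_ENDPOINTS:
        findings.append(f"authority uses shared endpoint '{tenant}', "
                        "but the app registration is single tenant")
    return findings


if __name__ == "__main__":
    # Constructed sample: trailing slash on the redirect URI, shared authority.
    base = "https://accessmanager.lithnet.local"
    for finding in check_settings(base, base + "/auth/",
                                  base + "/auth/logout",
                                  "https://login.microsoftonline.com/common"):
        print("FINDING:", finding)
```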