Setting up authentication with Azure AD
The following guide will assist you in configuring your application to use Azure Active Directory for authentication.
1. Log into portal.azure.com with administrative credentials, select All services and select Azure Active Directory
2. Select App registrations and click New application registration
3. Enter Lithnet Access Manager or another suitable application name, and select Accounts in this organizational directory only (Lithnet only - Single tenant) as the supported account type
4. In the redirect URI field, enter the base URL where your Access Manager web app is hosted followed by /auth (e.g. https://accessmanager.lithnet.local/auth)
5. Click Register
6. Take note of the Application ID value; this is our OpenID Connect client ID
7. From the left-hand menu, click Authentication. Set the Logout URL to be the same as your base URL, with /auth/logout appended to it (e.g. https://accessmanager.lithnet.local/auth/logout)
8. Save the settings
9. From the API permissions page, use the grant admin consent option to prevent users from being prompted for their consent when logging into the app.
10. From the Certificates and secrets page, click new client secret, give your secret a name, and then take note of the value provided.
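
The registration steps above (2 to 8 and 10) can also be scripted. The following is an added example using the Microsoft Graph PowerShell SDK, not part of the original guide or Lithnet's own tooling; it assumes the Microsoft.Graph.Applications module is installed, and the secret display name and six-month expiry are illustrative choices.

```powershell
# Added example (not from the original guide).
# Assumption: the Microsoft.Graph.Applications module is installed.
# $baseUrl is the example host name used in this guide; substitute your own.
$baseUrl = 'https://accessmanager.lithnet.local'.TrimEnd('/')

# Azure AD rejects non-https redirect URIs for non-localhost web apps,
# so fail early instead of creating a registration that cannot be used.
if (([Uri]$baseUrl).Scheme -ne 'https') {
    throw "Base URL must use https: $baseUrl"
}

Connect-MgGraph -Scopes 'Application.ReadWrite.All'

# Steps 2-5 and 7: single-tenant registration with the redirect and logout URLs.
$app = New-MgApplication -DisplayName 'Lithnet Access Manager' `
    -SignInAudience 'AzureADMyOrg' `
    -Web @{
        RedirectUris = @("$baseUrl/auth")
        LogoutUrl    = "$baseUrl/auth/logout"
    }

# The portal creates the matching service principal automatically;
# through Graph it has to be created explicitly.
New-MgServicePrincipal -AppId $app.AppId | Out-Null

# Step 10: create the client secret.
$secret = Add-MgApplicationPassword -ApplicationId $app.Id -PasswordCredential @{
    DisplayName = 'Access Manager OIDC'        # constructed name
    EndDateTime = (Get-Date).AddMonths(6)      # assumed lifetime; rotate before it lapses
}

# Step 6 and step 10 output. SecretText is only returned at creation time,
# so store it in a secrets vault rather than in a script or transcript.
[pscustomobject]@{
    ClientId      = $app.AppId
    ClientSecret  = $secret.SecretText
    SecretExpires = $secret.EndDateTime
}
```

Step 9 (admin consent) is not scripted here and is still done from the API permissions page in the portal.
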

1. Open the Lithnet Access Manager Service Configuration Tool
2. Select the App configuration\User Authentication page
3. Select Open ID Connect as the authentication provider
4. Use the application id obtained from the Azure AD setup process as the client ID value
5. Specify the client secret obtained from the Azure AD setup process.
6. Set the authority as appropriate for your tenant (e.g. for lithnet.io it would be https://login.microsoftonline.com/lithnet.io)

For further security, you can set up a conditional access policy to require multifactor authentication for the app.