Comment on page
Setting up authentication with Azure AD
The following guide will assist you in configuring your application to use Azure Active Directory for authentication.
- 1.Log into portal.azure.com with administrative credentials, select
All servicesand selectAzure Active Directory - 2.Select
App registrationsand clickNew application registration - 3.Enter
Lithnet Access Manageror another suitable application name, and selectAccounts in this organizational directory only (Lithnet only - Single tenant)as the supported account type - 4.In the
redirect URIfield, enter the base URL where your Access Manager web app is hosted followed by/auth(e.g.https://accessmanager.lithnet.local/auth) - 5.Click
Register - 6.Take note of the
Application IDvalue, this is our OpenID Connect client ID - 7.From the left-hand menu, click
Authentication. Set the Logout URL to be the same as your base URL, with/auth/logoutappended to it. (e.g.https://accessmanager.lithnet.local/auth/logout) - 8.Save the settings
- 9.From the
API permissionspage, use thegrant admin consentoption to prevent users from being prompted for their consent when logging into the app. - 10.From the
Certificates and secretspage, clicknew client secret, give your secret a name, and then take note of the value provided.
- 1.Open the Lithnet Access Manager Service Configuration Tool
- 2.Select the
App configuration\User Authenticationpage - 3.Select
Open ID Connectas the authentication provider - 4.Use the
application idobtained from the Azure AD setup process as theclient IDvalue - 5.Specify the
client secretobtained from the Azure AD setup process. - 6.Set the authority as appropriate for your tenant (e.g. for
lithnet.ioit would behttps://login.microsoftonline.com/lithnet.io)
!
For further security, you can set up a conditional access policy to require multifactor authentication for the app
Last modified 1yr ago