
Configure Azure OIDC-Based SSO Provider

To use Azure Active Directory (AD) as the SSO identity provider (IdP) with Virtana Platform, you must add Virtana Platform to Azure AD as a managed SaaS application. You then assign users to the application in Azure.

About This Task

After configuring the IdP, you must copy the OpenID Connect Metadata URL, Client ID, and Client Secret, which are needed for Virtana Platform.

Prerequisites

You need an Administrator role in Microsoft Azure with privileges to create applications and assign users and groups.

  • You must have set up an OIDC application with your IdP.

  • You must have administrator privileges in both the IdP and Virtana Platform.

  • You must have an appropriate Virtana Platform license to use SSO.

Steps

  1. Log in to Microsoft Azure as Administrator.

  2. Click the hamburger menu in the navigation pane and select All Services.

  3. Navigate to Identity > App Registrations.

  4. Click New registration.

    • Enter the name of the application.

    • Select Single tenant - "Accounts in this organizational directory only" as the Supported account type.

    • Select Web as the platform under the Redirect URI section.

    • Set Redirect URI to: https://keycloak.oc.<env>.cloud.virtana.com/auth/realms/<org_id>/broker/<org_id>-oidc-config/endpoint

      Note

      <env> is the variable used for your locals. For example: https://app.cloud.virtana.com/...

      <org_id> is the organisational UUID for the given organisation. You can contact the Virtana Support team to get your UUID.

    • Click Register.

  5. Navigate to Manage > Certificates & secrets.

  6. Click New client secret in the Client secrets tab.

  7. Enter a description and select an appropriate expiration time.

  8. Copy the value of the newly created secret. This value is the Client Secret of your OIDC application.

  9. Navigate to Overview and copy the value of Application (client) ID. This value is the Client ID of your OIDC application.

  10. Click Endpoints and copy the value of OpenID Connect metadata document.

  11. Use the OpenID Connect metadata document, Client Id, and Client Secret values as the OpenID Connect Metadata URL, Client Id, and Client Secret when configuring OIDC SSO in Virtana Platform.
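A pre-flight check for the values collected in the steps above, as an added example that is not part of the Virtana or Microsoft documentation. It assumes <env> is a single DNS label; the function name, the tenant and organisation UUIDs, the "prod" environment and the metadata document are constructed for illustration.

```python
import re
from urllib.parse import urlparse

UUID = r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}"
# Redirect URI shape from step 4; <env> is treated as one DNS label (assumption).
REDIRECT_RE = re.compile(
    rf"https://keycloak\.oc\.([a-z0-9-]+)\.cloud\.virtana\.com"
    rf"/auth/realms/({UUID})/broker/({UUID})-oidc-config/endpoint")
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri")

# Constructed sample values standing in for the downloaded metadata document.
TENANT = "11111111-2222-3333-4444-555555555555"
BASE = f"https://login.microsoftonline.com/{TENANT}"
SAMPLE_METADATA = {
    "issuer": f"{BASE}/v2.0",
    "authorization_endpoint": f"{BASE}/oauth2/v2.0/authorize",
    "token_endpoint": f"{BASE}/oauth2/v2.0/token",
    "jwks_uri": f"{BASE}/discovery/v2.0/keys",
}


def check_sso_values(metadata_url, metadata, client_id, redirect_uri):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    url = urlparse(metadata_url)
    if url.scheme != "https" or not url.path.endswith("/.well-known/openid-configuration"):
        problems.append("metadata URL is not an https OpenID Connect discovery URL")
    tenant = url.path.strip("/").split("/")[0]
    if not re.fullmatch(UUID, tenant):
        # A single-tenant registration is addressed by its tenant ID, not 'common'.
        problems.append(f"tenant segment {tenant!r} is not a tenant GUID")
    for key in REQUIRED:
        if urlparse(metadata.get(key, "")).scheme != "https":
            problems.append(f"metadata field {key} is missing or not https")
    if tenant.lower() not in metadata.get("issuer", "").lower():
        problems.append("issuer does not belong to the tenant in the metadata URL")
    if not re.fullmatch(UUID, client_id):
        problems.append("Client ID is not a GUID")
    m = REDIRECT_RE.fullmatch(redirect_uri)
    if not m:
        problems.append("redirect URI does not match the Virtana broker endpoint pattern")
    elif m.group(2).lower() != m.group(3).lower():
        problems.append("redirect URI uses two different org_id values")
    return problems


if __name__ == "__main__":
    org = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"  # constructed org_id
    uri = f"https://keycloak.oc.prod.cloud.virtana.com/auth/realms/{org}/broker/{org}-oidc-config/endpoint"
    print(check_sso_values(f"{BASE}/v2.0/.well-known/openid-configuration",
                           SAMPLE_METADATA, "99999999-8888-7777-6666-555555555555", uri))
```

Run it against the real metadata document by loading the JSON fetched from the copied URL in place of SAMPLE_METADATA. The Client Secret is deliberately not an input, so it never has to leave the secret store to be checked.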