Azure AD with certificate authentication
This guide shows how to set up the Azure AD identity provider in Aidbox with asymmetric authentication.
- Find App Registration in the search bar
- Click New Registration
- Fill in the form. For Redirect URI, choose web as the platform and input
Open the REST console in the Aidbox UI and create an IdentityProvider resource:
title: Azure AD
userinfo_endpoint: <your userinfo endpoint>
authorize_endpoint: <your authorization endpoint>
token_endpoint: <your token endpoint>
id: <your application (client) id>
You can find the application (client) ID on the App Overview page, and your endpoints by clicking Endpoints and opening the OpenID Connect metadata document.
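The endpoint values can be checked before they go into the IdentityProvider resource. The following is an added example, not part of the Aidbox documentation: the function name and the sample metadata are constructed, `<tenant-id>` is a placeholder, and treating `private_key_jwt` as the advertised name for certificate authentication is an assumption.

```python
import json
from urllib.parse import urlsplit

# Constructed sample, trimmed to the keys used here; <tenant-id> is a placeholder.
SAMPLE_METADATA = """
{
  "issuer": "https://login.microsoftonline.com/<tenant-id>/v2.0",
  "authorization_endpoint": "https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/authorize",
  "token_endpoint": "https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token",
  "userinfo_endpoint": "https://graph.microsoft.com/oidc/userinfo",
  "token_endpoint_auth_methods_supported": ["client_secret_post", "private_key_jwt", "client_secret_basic"]
}
"""

# IdentityProvider field (as named on this page) -> OpenID Connect metadata key.
# Note the spelling difference: authorize_endpoint vs authorization_endpoint.
FIELD_TO_METADATA_KEY = {
    "userinfo_endpoint": "userinfo_endpoint",
    "authorize_endpoint": "authorization_endpoint",
    "token_endpoint": "token_endpoint",
}


def idp_endpoints(metadata_json):
    """Return (fields, problems) for a metadata document given as JSON text."""
    meta = json.loads(metadata_json)
    fields, problems = {}, []
    for field, key in FIELD_TO_METADATA_KEY.items():
        url = meta.get(key)
        if not isinstance(url, str) or not url:
            problems.append(f"metadata has no {key}")
            continue
        parts = urlsplit(url)
        if parts.scheme != "https" or not parts.hostname:
            problems.append(f"{key} is not an https URL: {url}")
            continue
        fields[field] = url
    # Assumption: certificate-based client authentication is advertised as
    # "private_key_jwt". OpenID Connect Discovery says a missing list means
    # only client_secret_basic.
    methods = meta.get("token_endpoint_auth_methods_supported", ["client_secret_basic"])
    if "private_key_jwt" not in methods:
        problems.append("token endpoint does not advertise private_key_jwt")
    return fields, problems


if __name__ == "__main__":
    fields, problems = idp_endpoints(SAMPLE_METADATA)
    for name, url in fields.items():
        print(f"{name}: {url}")
    for problem in problems:
        print("PROBLEM:", problem)
```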
Once the IdentityProvider resource is created in Aidbox, you can generate a private key and certificate:
# response 200 OK
# Private key & certificate are generated and saved in the IdentityProvider
Aidbox generates a certificate that is valid for 365 days.
Then you may download the certificate in order to upload it to Azure AD by following the link
Upload the certificate into Azure AD
It may take a few minutes for Azure to process the uploaded certificate.
Go to your Aidbox base URL. You will be redirected to the login page, where you should now see the Sign in with Azure AD button. Press this button and log in as an Azure AD user. This user will be logged in to Aidbox Console but will not have any permissions. Read more about permissions in the Access Control section.