clone/nocodb
1
0
Fork 0
mirror of https://github.com/nocodb/nocodb.git synced 2026-05-01 03:46:52 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
13043a2b4e52d4795737bd29f2be3352ed00a023
nocodb/packages/noco-docs/docs/140.account-settings/030.authentication/030.SAML-SSO/040.azure-ad.md
Naveen MR f228034052 docs : update docs related to SSO
2024-02-21 09:28:32 +00:00

67 lines
3.2 KiB
Markdown
Raw Blame History

---
title: 'Azure AD (Entra)'
description: 'Learn how to configure Active Directory as an identity provider for NocoDB.'
tags: ['SSO', 'Active Directory', 'SAML']
keywords: ['SSO', 'Active Directory', 'SAML', 'Authentication', 'Identity Provider']
---
:::info
For SSO Access - please reach [**out to sales team**](https://calendly.com/nocodb).
:::
This article briefs about the steps to configure Active Directory as Identity service provider for NocoDB
### NocoDB, Retrieve `SAML SSO` Configuration details
1. Go to `Account Settings`
2. Select `Authentication (SSO)`
3. Click on `New Provider` button
4. On the Popup modal, Specify a `Display name` for the provider; note that, this name will be used to display the provider on the login page
5. Retrieve `Redirect URL` & `Audience / Entity ID`; these information will be required to be configured later with the Identity Provider
![SAML SSO Configuration](/img/v2/account-settings/SSO-1.png)
![SAML SSO Configuration](/img/v2/account-settings/SAML-2.png)
![SAML SSO Configuration](/img/v2/account-settings/SAML-3.png)
### Azure AD, Configure NocoDB as an Application
1. Sign in to your [Azure account](https://portal.azure.com/#allservices) and navigate to `Microsoft Entra admin center` > `Identity` > `Enterprise applications`
2. Click `+ New application`
3. On the `Browse Microsoft Entra Gallery` page, select `Create your own application` from the navigation bar.
a. Provide your application's name.
b. Choose `Integrate any other application you don't find in the gallery (Non-gallery)`
c. `Create`
4. On your application page, navigate to `Manage` > `Single sign-on` > `SAML`
5. Go to the `Basic SAML Configuration` section under `Set up Single Sign-On with SAML` and click `Edit`
a. Add the `Audience URI` under `Identifier (Entity ID)`.
b. Add the `Redirect URL` under `Replay URL (Assertion Consumer Service URL)`.
c. Click `Save`
6. In the `Attributes & Claims` section, click `Edit`
a. Edit the "Unique User Identifier (Name ID)" claim:
- Select `Email address` from the `Name identifier format` dropdown
- Choose `Attribute` as the `Source`
- In the `Source attribute`, select `user.mail`
- Click `Save`
[//]: # ( b. (Optional) For custom claims:)
[//]: # ( - Click Add new claim, provide details, and save.)
[//]: # ( - Ensure the claim is visible in the Additional claims section.)
[//]: # ( - Copy the claim name for later use in NocoDB SAML configurations.)
7. Go to the `SAML Certificates` section and copy the `App Federation Metadata URL`
8. on the Application's Overview page,
- Click `Users and groups`,
- Add the necessary users or groups to the application.
### NocoDB, Configure Azure AD as an Identity Provider
1. Go to `Account Settings` > `Authentication` > `SAML`
2. Insert `Metadata URL` retrieved in step above; alternatively you can configure XML directly as well
3. `Save`
![SAML SSO Configuration](/img/v2/account-settings/SAML-4.png)
For Sign-in's, user should be able to now see `Sign in with <SSO>` option.
![SAML SSO Configuration](/img/v2/account-settings/SSO-SignIn.png)
:::note
Post sign-out, refresh page (for the first time) if you do not see `Sign in with <SSO>` option
:::
Reference in New Issue View Git Blame Copy Permalink