Microsoft Azure Authentication
Microsoft Azure is OAuth2-compliant, so the OAuth2
authentication plugin that FileRun comes with can be used to authenticate users against Azure.
You can easily activate and configure the plugin directly from FileRun's control panel, under System configuration
» User login and registration
.
For more information on configuring FileRun with OAuth2, please see this page.
Configuration
1. Start the process or registering an application with Azure.
1. a) You will be asked for a Redirect URI
. Get this from the FileRun control panel. It is the first field you see under “OAuth2 plugin options” when enabling the OAuth2
authentication plugin.
2. With the new Azure application registered, use the provided Application (client) ID
to fill the FileRun setting Client ID
.
3. Under Client credentials
, click to Add a certificate or secret
. Click to add a New client secret
. With the new client secret created, copy the Value
field to the FileRun setting Client Secret
.
3. Back on the Azure project main page, go to Endpoints
.
3. a) Copy OAuth 2.0 authorization endpoint (v1)
to FileRun's Authorization URL
. It looks like this: https://login.microsoftonline.com/<tenant>/oauth2/authorize
. Replace <tenant>
with your Directory (tenant) ID
.
3. b) Copy OAuth 2.0 token endpoint (v1)
to FileRun's Access Token URL
. It looks like this: https://login.microsoftonline.com/<tenant>/oauth2/token
. Replace <tenant>
with your Directory (tenant) ID
.
4. Set FileRun's List of scopes
to openid,profile,email
4. Set FileRun's User info API URL
to https://login.microsoftonline.com/<tenant>/openid/userinfo
. Replace <tenant>
with your Directory (tenant) ID
.
5. Set FileRun's field mappings as follows:
Username mapping: $.email
First name mapping: $.given_name
Last name mapping: $.family_name
E-mail mapping: $.email
If you do not hide the FileRun logout option, please configure the Logout URL
to https://login.microsoftonline.com/<tenant>/oauth2/v2.0/logout?post_logout_redirect_uri=https://localhost/myapp/
Replace <tenant>
with your Directory (tenant) ID
. Replace https://localhost/myapp/
with the URL of your FileRun installation.