Skip to main content
Sign in
Español (Latinoamérica) Português do Brasil

Add an authentification via Microsoft Azure AD

Sabrina Zapora
  • Updated

STEP 1

In your VaultOne, in the section “Administration -> Settings”, select the tab “Identity Providers”.  


mceclip0.png


To configure your AD inside VaultOne, some information should be given.

Reminder: If you only wish to authenticate users within your AD, you should fill only the first two fields. In case you also want to import AD GROUPS, all fields should be filled and you’ll have to check the box “Do you want to Sync Active Directory Groups?”.

 

STEP 2

In a new tab, enter the Microsoft Azure portal at https://portal.azure.com, and select the service “Azure Active Directory”.

mceclip1.png

 

 

STEP 3

At the left menu, go to the section “App registrations” and select the option “New Registration”.

mceclip2.png

 

 

STEP 4

Select a name for the App. Then, in “Supported account types”, select the first option, “Accounts in this organizational directory only”. Click “Register”.

mceclip3.png

 

 

STEP 5

It will be generated a new App registration. You should use this data to configure your Azure AD on VaultOne.


mceclip4.png

 

 

STEP 6

Return to your VaultOne and fill according to the data obtained at Azure.

mceclip5.png

 

 

 

STEP 7

Go to the created App, and this time select the option “Add a Redirect URI”.

 

mceclip6.png

 

 

STEP 8

In “Platform configurations”, click the button “Add a platform” and then select the option “Single-page application”.

 

mceclip7.png

mceclip8.png

 

 

STEP 9

In “Redirect URI’s”, put your subdomain *.vault.one, for instance, https://demo.vault.one. Then, check the options “Access tokens (used for implicit flows)” e “ID Tokens (used for implicit and hybrid flows)”. Click “Configure”.

 

mceclip9.png

 

By applying these settings, it’s possible to login into VaultOne using your Azure ID. To import GROUPS, please follow the steps below.

 

 

STEP 10

In the left menu, click “Certificates & Secrets”. In the section “Client secrets”, click “New cliente secret”.

mceclip10.png

 

 

STEP 11

Write a description, and select the option “24 months” for “Expires”. Click “Add”.

mceclip11.png

 

 

STEP 12

Once obtained the new Client secret information, copy the “Value” and fill it on the “Application Key” field at VaultOne.

mceclip12.png

mceclip13.png

 

 

STEP 13

At the side menu, go to “API permissions”. Then, click “Add a permission”. Roll to the end of the page and select the last option, “Azure Active Directory Graph”.

mceclip14.png

 

STEP 14

In “Request API permissions”, select the type “Application permissions”, and then check the option “Directory.Read.All”, in the section “Directory”. Click “Add permissions”.

 

mceclip15.png

 

STEP 15

Still in this section, observe that admin consent weren’t given yet. To grant admin privileges, the user that administrates the AD should click in “Grant admin consente for VaultOne Software”.

mceclip16.png

mceclip17.png



STEP 16

Finally, in the section “Overview” of your Azure AD, locate your “Primary domain”, and insert it on the “Directory Domain” at your VaultOne and save it.

mceclip18.png

Ready. You have successfully configured your Azure Active Directory to your VaultOne.

 

Did this answer your question? If you need more help, contact us!
help@vaultone.com

 

Related articles

Comments

0 comments

Please sign in to leave a comment.