mirror of https://github.com/nocodb/nocodb
Raju Udava
10 months ago
4 changed files with 53 additions and 8 deletions
@ -1,6 +0,0 @@
|
||||
--- |
||||
title: 'Active Directory' |
||||
description: 'Learn how to configure Active Directory as an identity provider for NocoDB.' |
||||
tags: ['SSO', 'Active Directory', 'SAML'] |
||||
keywords: ['SSO', 'Active Directory', 'SAML', 'Authentication', 'Identity Provider'] |
||||
--- |
||||
@ -0,0 +1,51 @@
|
||||
--- |
||||
title: 'Active Directory' |
||||
description: 'Learn how to configure Active Directory as an identity provider for NocoDB.' |
||||
tags: ['SSO', 'Active Directory', 'SAML'] |
||||
keywords: ['SSO', 'Active Directory', 'SAML', 'Authentication', 'Identity Provider'] |
||||
--- |
||||
|
||||
This article briefs about the steps to configure Active Directory as Identity service provider for NocoDB |
||||
|
||||
1. Enable `SAML SSO` on NocoDB |
||||
- Go to `Account Settings` > `Authentication` |
||||
- Activate `SAML` toggle button |
||||
2. Retrieve `Redirect URI` & `Audience URI` from NocoDB |
||||
- Go to `Account Settings` > `Authentication` > `SAML` |
||||
- Note down `Redirect URI` & `Audience URI`; these information will be required to be configured later with the Identity Provider |
||||
3. Sign in to your [Azure account](https://portal.azure.com/#allservices) and navigate to `Azure Active Directory` under `Azure Services`. |
||||
4. Access `Manage Tenants` from the navigation bar, select your directory, and click `Switch`. |
||||
5. On your directory's homepage, click `+ Add` > `Enterprise Application` from the navigation bar. |
||||
6. On the `Browse AD Azure Gallery` page, select `Create your own application` from the navigation bar. |
||||
a. Provide your application's name. |
||||
b. Choose `Integrate any other application you don't find in the gallery (Non-gallery)` from the `What are you looking to do with your application?` options. |
||||
c. `Create` |
||||
7. In your Application's Overview page, navigate to `Set up single sign-on` > `SAML` |
||||
8. In the SAML-based Sign-on page, go to the `Basic SAML Configuration` section under `Set up Single Sign-On with SAML` and click `Edit` |
||||
a. Add the `Audience URI` under `Identifier (Entity ID)`. |
||||
b. Add the `Redirect URL` under `Replay URL (Assertion Consumer Service URL)`. |
||||
c. `Save` |
||||
9. In the `Attributes & Claims` section, click `Edit` |
||||
a. Edit the Unique User Identifier (Name ID) claim: |
||||
- Select `Email address` from the `Name identifier format` dropdown |
||||
- Choose `Attribute` as the `Source` |
||||
- In the `Source attribute field`, select the option storing the user’s email address. |
||||
- `Save` |
||||
b. (Optional) For custom claims: |
||||
- Click Add new claim, provide details, and save. |
||||
- Ensure the claim is visible in the Additional claims section. |
||||
- Copy the claim name for later use in NocoDB SAML configurations. |
||||
10. Go to the `SAML Certificates` section and copy the `App Federation Metadata URL` |
||||
11. on the Application's Overview page, |
||||
- Click `Assign users and groups`, |
||||
- Add the necessary users or groups to the application. |
||||
12. Configure `Metadata URL` in NocoDB |
||||
- Go to `Account Settings` > `Authentication` > `SAML` |
||||
- Insert `Metadata URL` retrieved in step (10) above as `App Federation Metadata URL`; alternatively you can configure XML directly as well |
||||
- `Save` |
||||
|
||||
For Sign-in's, user should be able to now see `Sign in with <SSO>` option. |
||||
|
||||
:::note |
||||
Post sign-out, refresh page (for the first time) if you do not see `Sign in with <SSO>` option |
||||
::: |
||||
Loading…
Reference in new issue