Browse Source

docs: SAML azure-ad

pull/7575/head
Raju Udava 11 months ago
parent
commit
f598183a42
  1. 4
      packages/noco-docs/docs/140.account-settings/040.authentication/010.overview.md
  2. 6
      packages/noco-docs/docs/140.account-settings/040.authentication/030.SAML-SSO/040.active-directory.md
  3. 51
      packages/noco-docs/docs/140.account-settings/040.authentication/030.SAML-SSO/040.azure-ad.md
  4. 0
      packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/040.azure-ad.md

4
packages/noco-docs/docs/140.account-settings/040.authentication/010.overview.md

@ -30,7 +30,7 @@ Please follow the details in the article below to integrate with various popular
1. [Okta](SAML-SSO/okta)
2. [Auth0](SAML-SSO/auth0)
3. [Ping Identity](SAML-SSO/ping-identity)
4. [Active Directory](SAML-SSO/active-directory)
4. [Active Directory](SAML-SSO/azure-ad)
### OpenID Connect (OIDC)
The OpenID Connect (OIDC) protocol is a modern authentication layer built on top of the OAuth 2.0 framework, designed to address user authentication and authorization challenges in web and mobile applications. OIDC provides a standardized and secure way for applications to verify the identity of end-users. Leveraging JSON Web Tokens (JWTs), OIDC enables the exchange of user identity information between the identity provider (IdP) and the Service provider, typically a web application.
@ -41,6 +41,6 @@ Please follow the details in the article below to integrate with various popular
1. [Okta](OIDC-SSO/okta)
2. [Auth0](OIDC-SSO/auth0)
3. [Ping Identity](OIDC-SSO/ping-identity)
4. [Active Directory](OIDC-SSO/active-directory)
4. [Active Directory](OIDC-SSO/azuire-ad)

6
packages/noco-docs/docs/140.account-settings/040.authentication/030.SAML-SSO/040.active-directory.md

@ -1,6 +0,0 @@
---
title: 'Active Directory'
description: 'Learn how to configure Active Directory as an identity provider for NocoDB.'
tags: ['SSO', 'Active Directory', 'SAML']
keywords: ['SSO', 'Active Directory', 'SAML', 'Authentication', 'Identity Provider']
---

51
packages/noco-docs/docs/140.account-settings/040.authentication/030.SAML-SSO/040.azure-ad.md

@ -0,0 +1,51 @@
---
title: 'Active Directory'
description: 'Learn how to configure Active Directory as an identity provider for NocoDB.'
tags: ['SSO', 'Active Directory', 'SAML']
keywords: ['SSO', 'Active Directory', 'SAML', 'Authentication', 'Identity Provider']
---
This article briefs about the steps to configure Active Directory as Identity service provider for NocoDB
1. Enable `SAML SSO` on NocoDB
- Go to `Account Settings` > `Authentication`
- Activate `SAML` toggle button
2. Retrieve `Redirect URI` & `Audience URI` from NocoDB
- Go to `Account Settings` > `Authentication` > `SAML`
- Note down `Redirect URI` & `Audience URI`; these information will be required to be configured later with the Identity Provider
3. Sign in to your [Azure account](https://portal.azure.com/#allservices) and navigate to `Azure Active Directory` under `Azure Services`.
4. Access `Manage Tenants` from the navigation bar, select your directory, and click `Switch`.
5. On your directory's homepage, click `+ Add` > `Enterprise Application` from the navigation bar.
6. On the `Browse AD Azure Gallery` page, select `Create your own application` from the navigation bar.
a. Provide your application's name.
b. Choose `Integrate any other application you don't find in the gallery (Non-gallery)` from the `What are you looking to do with your application?` options.
c. `Create`
7. In your Application's Overview page, navigate to `Set up single sign-on` > `SAML`
8. In the SAML-based Sign-on page, go to the `Basic SAML Configuration` section under `Set up Single Sign-On with SAML` and click `Edit`
a. Add the `Audience URI` under `Identifier (Entity ID)`.
b. Add the `Redirect URL` under `Replay URL (Assertion Consumer Service URL)`.
c. `Save`
9. In the `Attributes & Claims` section, click `Edit`
a. Edit the Unique User Identifier (Name ID) claim:
- Select `Email address` from the `Name identifier format` dropdown
- Choose `Attribute` as the `Source`
- In the `Source attribute field`, select the option storing the user’s email address.
- `Save`
b. (Optional) For custom claims:
- Click Add new claim, provide details, and save.
- Ensure the claim is visible in the Additional claims section.
- Copy the claim name for later use in NocoDB SAML configurations.
10. Go to the `SAML Certificates` section and copy the `App Federation Metadata URL`
11. on the Application's Overview page,
- Click `Assign users and groups`,
- Add the necessary users or groups to the application.
12. Configure `Metadata URL` in NocoDB
- Go to `Account Settings` > `Authentication` > `SAML`
- Insert `Metadata URL` retrieved in step (10) above as `App Federation Metadata URL`; alternatively you can configure XML directly as well
- `Save`
For Sign-in's, user should be able to now see `Sign in with <SSO>` option.
:::note
Post sign-out, refresh page (for the first time) if you do not see `Sign in with <SSO>` option
:::

0
packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/040.active-directory.md → packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/040.azure-ad.md

Loading…
Cancel
Save