From f598183a4275a12a65d502777ea50be02f7f7c6c Mon Sep 17 00:00:00 2001
From: Raju Udava <86527202+dstala@users.noreply.github.com>
Date: Thu, 8 Feb 2024 07:24:37 +0000
Subject: [PATCH] docs: SAML azure-ad

---
 .../040.authentication/010.overview.md | 4 +-
 .../030.SAML-SSO/040.active-directory.md | 6 ---
 .../030.SAML-SSO/040.azure-ad.md | 51 +++++++++++++++++++
 ...40.active-directory.md => 040.azure-ad.md} | 0
 4 files changed, 53 insertions(+), 8 deletions(-)
 delete mode 100644 packages/noco-docs/docs/140.account-settings/040.authentication/030.SAML-SSO/040.active-directory.md
 create mode 100644 packages/noco-docs/docs/140.account-settings/040.authentication/030.SAML-SSO/040.azure-ad.md
 rename packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/{040.active-directory.md => 040.azure-ad.md} (100%)

diff --git a/packages/noco-docs/docs/140.account-settings/040.authentication/010.overview.md b/packages/noco-docs/docs/140.account-settings/040.authentication/010.overview.md
index 529bfdf5ac..11b61f167e 100644
--- a/packages/noco-docs/docs/140.account-settings/040.authentication/010.overview.md
+++ b/packages/noco-docs/docs/140.account-settings/040.authentication/010.overview.md
@@ -30,7 +30,7 @@ Please follow the details in the article below to integrate with various popular
 1. [Okta](SAML-SSO/okta)
 2. [Auth0](SAML-SSO/auth0)
 3. [Ping Identity](SAML-SSO/ping-identity)
-4. [Active Directory](SAML-SSO/active-directory)
+4. [Active Directory](SAML-SSO/azure-ad)
 ### OpenID Connect (OIDC)
 The OpenID Connect (OIDC) protocol is a modern authentication layer built on top of the OAuth 2.0 framework, designed to address user authentication and authorization challenges in web and mobile applications. OIDC provides a standardized and secure way for applications to verify the identity of end-users. Leveraging JSON Web Tokens (JWTs), OIDC enables the exchange of user identity information between the identity provider (IdP) and the Service provider, typically a web application.
@@ -41,6 +41,6 @@ Please follow the details in the article below to integrate with various popular
 1. [Okta](OIDC-SSO/okta)
 2. [Auth0](OIDC-SSO/auth0)
 3. [Ping Identity](OIDC-SSO/ping-identity)
-4. [Active Directory](OIDC-SSO/active-directory)
+4. [Active Directory](OIDC-SSO/azuire-ad)
diff --git a/packages/noco-docs/docs/140.account-settings/040.authentication/030.SAML-SSO/040.active-directory.md b/packages/noco-docs/docs/140.account-settings/040.authentication/030.SAML-SSO/040.active-directory.md
deleted file mode 100644
index f842371c5b..0000000000
--- a/packages/noco-docs/docs/140.account-settings/040.authentication/030.SAML-SSO/040.active-directory.md
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: 'Active Directory'
-description: 'Learn how to configure Active Directory as an identity provider for NocoDB.'
-tags: ['SSO', 'Active Directory', 'SAML']
-keywords: ['SSO', 'Active Directory', 'SAML', 'Authentication', 'Identity Provider']
----
\ No newline at end of file
diff --git a/packages/noco-docs/docs/140.account-settings/040.authentication/030.SAML-SSO/040.azure-ad.md b/packages/noco-docs/docs/140.account-settings/040.authentication/030.SAML-SSO/040.azure-ad.md
new file mode 100644
index 0000000000..c63b7f7a87
--- /dev/null
+++ b/packages/noco-docs/docs/140.account-settings/040.authentication/030.SAML-SSO/040.azure-ad.md
@@ -0,0 +1,51 @@
+---
+title: 'Active Directory'
+description: 'Learn how to configure Active Directory as an identity provider for NocoDB.'
+tags: ['SSO', 'Active Directory', 'SAML']
+keywords: ['SSO', 'Active Directory', 'SAML', 'Authentication', 'Identity Provider']
+---
+
+This article briefs about the steps to configure Active Directory as Identity service provider for NocoDB
+
+1. Enable `SAML SSO` on NocoDB
+ - Go to `Account Settings` > `Authentication`
+ - Activate `SAML` toggle button
+2. Retrieve `Redirect URI` & `Audience URI` from NocoDB
+ - Go to `Account Settings` > `Authentication` > `SAML`
+ - Note down `Redirect URI` & `Audience URI`; these information will be required to be configured later with the Identity Provider
+3. Sign in to your [Azure account](https://portal.azure.com/#allservices) and navigate to `Azure Active Directory` under `Azure Services`.
+4. Access `Manage Tenants` from the navigation bar, select your directory, and click `Switch`.
+5. On your directory's homepage, click `+ Add` > `Enterprise Application` from the navigation bar.
+6. On the `Browse AD Azure Gallery` page, select `Create your own application` from the navigation bar.
+ a. Provide your application's name.
+ b. Choose `Integrate any other application you don't find in the gallery (Non-gallery)` from the `What are you looking to do with your application?` options.
+ c. `Create`
+7. In your Application's Overview page, navigate to `Set up single sign-on` > `SAML`
+8. In the SAML-based Sign-on page, go to the `Basic SAML Configuration` section under `Set up Single Sign-On with SAML` and click `Edit`
+ a. Add the `Audience URI` under `Identifier (Entity ID)`.
+ b. Add the `Redirect URL` under `Replay URL (Assertion Consumer Service URL)`.
+ c. `Save`
+9. In the `Attributes & Claims` section, click `Edit`
+ a. Edit the Unique User Identifier (Name ID) claim:
+ - Select `Email address` from the `Name identifier format` dropdown
+ - Choose `Attribute` as the `Source`
+ - In the `Source attribute field`, select the option storing the user’s email address.
+ - `Save`
+ b. (Optional) For custom claims:
+ - Click Add new claim, provide details, and save.
+ - Ensure the claim is visible in the Additional claims section.
+ - Copy the claim name for later use in NocoDB SAML configurations.
+10. Go to the `SAML Certificates` section and copy the `App Federation Metadata URL`
+11. on the Application's Overview page,
+ - Click `Assign users and groups`,
+ - Add the necessary users or groups to the application.
+12. Configure `Metadata URL` in NocoDB
+ - Go to `Account Settings` > `Authentication` > `SAML`
+ - Insert `Metadata URL` retrieved in step (10) above as `App Federation Metadata URL`; alternatively you can configure XML directly as well
+ - `Save`
+
+For Sign-in's, user should be able to now see `Sign in with ` option.
+
+:::note
+Post sign-out, refresh page (for the first time) if you do not see `Sign in with ` option
+:::
\ No newline at end of file
diff --git a/packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/040.active-directory.md b/packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/040.azure-ad.md
similarity index 100%
rename from packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/040.active-directory.md
rename to packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/040.azure-ad.md