mirror of https://github.com/nocodb/nocodb
Raju Udava
8 months ago
4 changed files with 53 additions and 8 deletions
@ -1,6 +0,0 @@ |
|||||||
--- |
|
||||||
title: 'Active Directory' |
|
||||||
description: 'Learn how to configure Active Directory as an identity provider for NocoDB.' |
|
||||||
tags: ['SSO', 'Active Directory', 'SAML'] |
|
||||||
keywords: ['SSO', 'Active Directory', 'SAML', 'Authentication', 'Identity Provider'] |
|
||||||
--- |
|
||||||
@ -0,0 +1,51 @@ |
|||||||
|
--- |
||||||
|
title: 'Active Directory' |
||||||
|
description: 'Learn how to configure Active Directory as an identity provider for NocoDB.' |
||||||
|
tags: ['SSO', 'Active Directory', 'SAML'] |
||||||
|
keywords: ['SSO', 'Active Directory', 'SAML', 'Authentication', 'Identity Provider'] |
||||||
|
--- |
||||||
|
|
||||||
|
This article briefs about the steps to configure Active Directory as Identity service provider for NocoDB |
||||||
|
|
||||||
|
1. Enable `SAML SSO` on NocoDB |
||||||
|
- Go to `Account Settings` > `Authentication` |
||||||
|
- Activate `SAML` toggle button |
||||||
|
2. Retrieve `Redirect URI` & `Audience URI` from NocoDB |
||||||
|
- Go to `Account Settings` > `Authentication` > `SAML` |
||||||
|
- Note down `Redirect URI` & `Audience URI`; these information will be required to be configured later with the Identity Provider |
||||||
|
3. Sign in to your [Azure account](https://portal.azure.com/#allservices) and navigate to `Azure Active Directory` under `Azure Services`. |
||||||
|
4. Access `Manage Tenants` from the navigation bar, select your directory, and click `Switch`. |
||||||
|
5. On your directory's homepage, click `+ Add` > `Enterprise Application` from the navigation bar. |
||||||
|
6. On the `Browse AD Azure Gallery` page, select `Create your own application` from the navigation bar. |
||||||
|
a. Provide your application's name. |
||||||
|
b. Choose `Integrate any other application you don't find in the gallery (Non-gallery)` from the `What are you looking to do with your application?` options. |
||||||
|
c. `Create` |
||||||
|
7. In your Application's Overview page, navigate to `Set up single sign-on` > `SAML` |
||||||
|
8. In the SAML-based Sign-on page, go to the `Basic SAML Configuration` section under `Set up Single Sign-On with SAML` and click `Edit` |
||||||
|
a. Add the `Audience URI` under `Identifier (Entity ID)`. |
||||||
|
b. Add the `Redirect URL` under `Replay URL (Assertion Consumer Service URL)`. |
||||||
|
c. `Save` |
||||||
|
9. In the `Attributes & Claims` section, click `Edit` |
||||||
|
a. Edit the Unique User Identifier (Name ID) claim: |
||||||
|
- Select `Email address` from the `Name identifier format` dropdown |
||||||
|
- Choose `Attribute` as the `Source` |
||||||
|
- In the `Source attribute field`, select the option storing the user’s email address. |
||||||
|
- `Save` |
||||||
|
b. (Optional) For custom claims: |
||||||
|
- Click Add new claim, provide details, and save. |
||||||
|
- Ensure the claim is visible in the Additional claims section. |
||||||
|
- Copy the claim name for later use in NocoDB SAML configurations. |
||||||
|
10. Go to the `SAML Certificates` section and copy the `App Federation Metadata URL` |
||||||
|
11. on the Application's Overview page, |
||||||
|
- Click `Assign users and groups`, |
||||||
|
- Add the necessary users or groups to the application. |
||||||
|
12. Configure `Metadata URL` in NocoDB |
||||||
|
- Go to `Account Settings` > `Authentication` > `SAML` |
||||||
|
- Insert `Metadata URL` retrieved in step (10) above as `App Federation Metadata URL`; alternatively you can configure XML directly as well |
||||||
|
- `Save` |
||||||
|
|
||||||
|
For Sign-in's, user should be able to now see `Sign in with <SSO>` option. |
||||||
|
|
||||||
|
:::note |
||||||
|
Post sign-out, refresh page (for the first time) if you do not see `Sign in with <SSO>` option |
||||||
|
::: |
||||||
Loading…
Reference in new issue