mirror of https://github.com/nocodb/nocodb
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3.1 KiB
3.1 KiB
title | description | tags | keywords |
---|---|---|---|
Azure AD (Entra) | Learn how to configure Active Directory as an identity provider for NocoDB. | [SSO Active Directory SAML] | [SSO Active Directory SAML Authentication Identity Provider] |
This article briefs about the steps to configure Active Directory as Identity service provider for NocoDB
NocoDB, Retrieve SAML SSO
Configuration details
- Go to
Account Settings
- Select
Authentication (SSO)
- Click on
New Provider
button - On the Popup modal, Specify a
Display name
for the provider; note that, this name will be used to display the provider on the login page - Retrieve
Redirect URL
&Audience / Entity ID
; these information will be required to be configured later with the Identity Provider
Azure AD, Configure NocoDB as an Application
- Sign in to your Azure account and navigate to
Microsoft Entra admin center
>Identity
>Enterprise applications
- Click
+ New application
- On the
Browse Microsoft Entra Gallery
page, selectCreate your own application
from the navigation bar. a. Provide your application's name. b. ChooseIntegrate any other application you don't find in the gallery (Non-gallery)
c.Create
- On your application page, navigate to
Manage
>Single sign-on
>SAML
- Go to the
Basic SAML Configuration
section underSet up Single Sign-On with SAML
and clickEdit
a. Add theAudience URI
underIdentifier (Entity ID)
. b. Add theRedirect URL
underReplay URL (Assertion Consumer Service URL)
. c. ClickSave
- In the
Attributes & Claims
section, clickEdit
a. Edit the "Unique User Identifier (Name ID)" claim: - SelectEmail address
from theName identifier format
dropdown - ChooseAttribute
as theSource
- In theSource attribute
, selectuser.mail
- ClickSave
[//]: # ( b. (Optional) For custom claims:) [//]: # ( - Click Add new claim, provide details, and save.) [//]: # ( - Ensure the claim is visible in the Additional claims section.) [//]: # ( - Copy the claim name for later use in NocoDB SAML configurations.) - Go to the
SAML Certificates
section and copy theApp Federation Metadata URL
- on the Application's Overview page,
- Click
Users and groups
, - Add the necessary users or groups to the application.
- Click
NocoDB, Configure Azure AD as an Identity Provider
- Go to
Account Settings
>Authentication
>SAML
- Insert
Metadata URL
retrieved in step above; alternatively you can configure XML directly as well Save
For Sign-in's, user should be able to now see Sign in with <SSO>
option.
:::note
Post sign-out, refresh page (for the first time) if you do not see Sign in with <SSO>
option
:::