github
/
nocodb
mirror of https://github.com/nocodb/nocodb
1
0
Fork 0
Code Issues Releases Wiki Activity
多维表格
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
20451 Commits
135 Branches
274 Tags
1.2 GiB
 
 
 
 
 
 
Tree: a8511046d4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a8511046d4'
${ noResults }
nocodb/packages/noco-docs/docs/140.account-settings/030.authentication/030.SAML-SSO/040.azure-ad.md

3.3 KiB
Raw Blame History

title description tags keywords
Azure AD (Entra) Learn how to configure Active Directory as an identity provider for NocoDB. [SSO Active Directory SAML] [SSO Active Directory SAML Authentication Identity Provider]

:::warning SSO is available under private beta for self hosted enterprise customers. Please reach out to us for early access. :::

This article briefs about the steps to configure Active Directory as Identity service provider for NocoDB

NocoDB, Retrieve SAML SSO Configuration details

  1. Go to Account Settings
  2. Select Authentication (SSO)
  3. Click on New Provider button
  4. On the Popup modal, Specify a Display name for the provider; note that, this name will be used to display the provider on the login page
  5. Retrieve Redirect URL & Audience / Entity ID; these information will be required to be configured later with the Identity Provider

SAML SSO Configuration SAML SSO Configuration SAML SSO Configuration

Azure AD, Configure NocoDB as an Application

  1. Sign in to your Azure account and navigate to Microsoft Entra admin center > Identity > Enterprise applications
  2. Click + New application
  3. On the Browse Microsoft Entra Gallery page, select Create your own application from the navigation bar. a. Provide your application's name. b. Choose Integrate any other application you don't find in the gallery (Non-gallery) c. Create
  4. On your application page, navigate to Manage > Single sign-on > SAML
  5. Go to the Basic SAML Configuration section under Set up Single Sign-On with SAML and click Edit a. Add the Audience URI under Identifier (Entity ID). b. Add the Redirect URL under Replay URL (Assertion Consumer Service URL). c. Click Save
  6. In the Attributes & Claims section, click Edit a. Edit the "Unique User Identifier (Name ID)" claim: - Select Email address from the Name identifier format dropdown - Choose Attribute as the Source - In the Source attribute, select user.mail - Click Save [//]: # ( b. (Optional) For custom claims:) [//]: # ( - Click Add new claim, provide details, and save.) [//]: # ( - Ensure the claim is visible in the Additional claims section.) [//]: # ( - Copy the claim name for later use in NocoDB SAML configurations.)
  7. Go to the SAML Certificates section and copy the App Federation Metadata URL
  8. on the Application's Overview page,
    • Click Users and groups,
    • Add the necessary users or groups to the application.

NocoDB, Configure Azure AD as an Identity Provider

  1. Go to Account Settings > Authentication > SAML
  2. Insert Metadata URL retrieved in step above; alternatively you can configure XML directly as well
  3. Save

SAML SSO Configuration

For Sign-in's, user should be able to now see Sign in with <SSO> option.

SAML SSO Configuration

:::note Post sign-out, refresh page (for the first time) if you do not see Sign in with <SSO> option :::