Azure Active Directory OIDC Configuration
Configuration in Azure AD
- Open Microsoft Entra Admin Center
- Select Applications -> App registrations -> New registration
In the following menu:
- Enter a Name for your reference (1)
- Select the account types that are allowed to log in (2); in most cases this is the first option, "Single tenant"
- Enter the redirect URL of your application in the following format: https://your.url/login/oidc/azure/callback (3)
- Select type "Web" for the redirect URL (4)
In the newly created "App registration", go to the Token configuration submenu and add the following optional claims:
- TokenType: ID
- Claims: auth_time, login_hint
Next go to the "Certificates & Secrets" submenu and add a new client secret with 24 months validity (this is the maximum) and any description.
- Copy the value of the newly created secret and store it for later use.
- Finally go to the "Overview" submenu and copy the values Application (client) ID and Directory (tenant) ID.
You should now have the following values:
- Client ID
- Client secret
- Azure tenant ID
You are lucky. Just send the values from the previous steps to us and we'll take care
The values from the previous steps need to be passed as environment variables to the SysReptor docker container.
You can add them to
OIDC_AZURE_TENANT_ID=<azure tenant id>
OIDC_AZURE_CLIENT_ID=<azure client id>
OIDC_AZURE_CLIENT_SECRET=<azure client secret>
The OIDC client needs to be able to establish a network connection to Azure AD. Make sure outgoing traffic to Azure AD is not blocked.
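Before restarting the container it is worth checking that the three values are the ones Azure actually expects and that Azure AD is reachable from the host. The script below is an added example, not SysReptor's own code; it assumes the tenant and client IDs are GUIDs and that the tenant's OpenID discovery document is served at login.microsoftonline.com/<tenant>/v2.0/.well-known/openid-configuration.

```shell
#!/usr/bin/env bash
# Added example (not part of SysReptor): sanity-check OIDC_AZURE_* values and
# build/probe the tenant's OIDC discovery URL. Assumption: tenant and client
# IDs are GUIDs; the secret VALUE (not its "Secret ID") is what the container needs.

GUID_RE='^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$'

# is_guid VALUE -> exit 0 when VALUE is formatted like a GUID
is_guid() {
  printf '%s' "$1" | grep -Eq "$GUID_RE"
}

# check_azure_oidc_env TENANT_ID CLIENT_ID CLIENT_SECRET
# Exit 0 when all values are plausible; prints one line per problem otherwise.
check_azure_oidc_env() {
  rc=0
  if ! is_guid "$1"; then echo "OIDC_AZURE_TENANT_ID is not a GUID"; rc=1; fi
  if ! is_guid "$2"; then echo "OIDC_AZURE_CLIENT_ID is not a GUID"; rc=1; fi
  if [ -z "$3" ]; then echo "OIDC_AZURE_CLIENT_SECRET is empty"; rc=1; fi
  # Common slip: the portal shows both a "Secret ID" (a GUID) and a "Value";
  # only the value works as a client secret.
  if is_guid "$3"; then
    echo "OIDC_AZURE_CLIENT_SECRET looks like the secret ID, not the secret value"; rc=1
  fi
  return $rc
}

# discovery_url TENANT_ID -> URL of the tenant's v2.0 OpenID discovery document
discovery_url() {
  printf 'https://login.microsoftonline.com/%s/v2.0/.well-known/openid-configuration\n' "$1"
}

# probe_discovery TENANT_ID: confirms outgoing traffic to Azure AD is allowed
# from the Docker host. Network call, so it is not exercised by the offline test.
probe_discovery() {
  curl -fsS --max-time 10 "$(discovery_url "$1")" >/dev/null
}
```

Run `check_azure_oidc_env "$OIDC_AZURE_TENANT_ID" "$OIDC_AZURE_CLIENT_ID" "$OIDC_AZURE_CLIENT_SECRET" && probe_discovery "$OIDC_AZURE_TENANT_ID"` on the host with the values you intend to pass to the container.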
Restart the docker container by going to