SSO with Azure AD

Configure SSO using OpenID Connect and Azure AD

📘

OpenID Connect

To become familiar with OpenID Connect in Budibase, see: OpenID Connect

Configuration

Create the application

Create the Budibase application using a new 'App Registration'

Add the application name

Ignore the Redirect URI for now.

Find your configuration details

Configuration URL

Visit 'Overview' > 'Endpoints'.

Use the OpenID Connect metadata document field as your Configuration URL in Budibase.

📘

Newer versions of Azure Portal may include a generic OpenID URL like: https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration

In that case you will need to manually edit the URL and include the tenant ID: https://login.microsoftonline.com/[TENANT_ID]/.well-known/openid-configuration

Client ID

Visit 'Overview'

Use the Application (client) ID field as your Client ID in Budibase.

Client Secret

Visit 'Certificates & secrets', click on 'Add client secret', give your secret a description/expiry, and save.

View your newly created secret

Use the Value field as your Client Secret in Budibase.

Add your callback URL

Visit 'Authentication' and click 'Add a platform' -> 'Web'. Enter your callback URL.