EntraID (Azure AD)

Pre-requisites

  • Azure account, with an existing Azure Active Directory

  • You'll need permissions to create an App Registration within your Azure AD

Step 1 - Setup in Azure Active Directory

  1. Log in to your Microsoft Azure portal and go to Azure Active Directory.

  2. Click Properties and save your Tenant ID for later.

  3. Under Manage, select App registrations.

  4. On the Register an application page, give the application a name (OpenGovernance - Kaytu).

  5. Set Supported account types to Accounts in this organizational directory only (Default Directory only - Single tenant).

  6. Click Register.

  7. Copy the Application (client) ID and save it for later.

  8. Click Add a Redirect URI.

  9. Under Platform configurations, click Add a platform.

  10. Select Web.

  11. The Redirect URI is https://<call-back>/sso/oidc/callback.

  12. Click Configure.

  13. Under Manage, select Certificates & secrets.

  14. Click New client secret.

  15. Give the secret a name and set the expiration date according to your company's policy.

  16. In the automation page, there is an oidc.yaml file. Replace its values with the copied Client ID, Client Secret, Redirect URI and Issuer URL values.

  17. Enter https://login.microsoftonline.com/<YOUR_TENANT_ID>/v2.0 as the Issuer URL, substituting your Tenant ID for <YOUR_TENANT_ID>, to finish the configuration.
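Before pasting the four values into oidc.yaml, it helps to check that they agree with each other, since OIDC clients compare the issuer string exactly and a stray trailing slash or wrong tenant breaks login. The following pre-flight check is an added example, not part of OpenGovernance or Kaytu; the function name, argument names and sample values (including the host sso.example.com standing in for <call-back>) are hypothetical and do not reflect the oidc.yaml schema.

```python
import re
from urllib.parse import urlsplit

GUID = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")
CALLBACK_PATH = "/sso/oidc/callback"                            # path from step 11
ISSUER_FMT = "https://login.microsoftonline.com/{tenant}/v2.0"  # format from step 17


def check_oidc_values(tenant_id, client_id, client_secret, redirect_uri, issuer_url):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    if not GUID.fullmatch(tenant_id):
        problems.append("tenant_id is not a GUID")
    if not GUID.fullmatch(client_id):
        problems.append("client_id is not a GUID")
    # Common slip: copying the secret's "Secret ID" column (a GUID) instead of its "Value".
    if not client_secret or GUID.fullmatch(client_secret):
        problems.append("client_secret is empty or looks like the Secret ID, not the Value")
    uri = urlsplit(redirect_uri)
    if uri.scheme != "https" or not uri.hostname:
        problems.append("redirect_uri must be an absolute https URL")
    if uri.path != CALLBACK_PATH or uri.query or uri.fragment:
        problems.append("redirect_uri must end in " + CALLBACK_PATH + " with no query or fragment")
    # The issuer is matched character for character: no trailing slash, no other tenant.
    if issuer_url != ISSUER_FMT.format(tenant=tenant_id):
        problems.append("issuer_url does not match the tenant ID in the v2.0 format")
    return problems


# Constructed sample values, for illustration only.
SAMPLE = {
    "tenant_id": "11111111-2222-3333-4444-555555555555",
    "client_id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
    "client_secret": "constructed-secret-value",
    "redirect_uri": "https://sso.example.com/sso/oidc/callback",
    "issuer_url": "https://login.microsoftonline.com/11111111-2222-3333-4444-555555555555/v2.0",
}

if __name__ == "__main__":
    issues = check_oidc_values(**SAMPLE)
    print("OK" if not issues else "\n".join(issues))
```

The redirect URI checked here must also match, character for character, the one registered in step 11.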
