Microsoft Azure AD (Authentication)

What is Azure?

Microsoft Azure is a comprehensive cloud platform that can host your existing applications and simplify the development of new applications.

Azure can even enhance on-premises applications. It integrates the cloud services you need to develop, test, deploy, and manage your applications, all while taking advantage of cloud computing efficiencies.

With all the services that Azure offers, it can be an intimidating task to figure out which services you need to support your solution architecture.
This section highlights the Azure services typically used by developers. For a list of all Azure services, refer to the Azure Documentation.
Source: https://docs.microsoft.com/pt-br/azure/guides/developer/azure-developer-guide#what-is-azure

SmartCenter and Azure AD Integration The purpose of this integration is to enable login to SmartCenter using users managed in Microsoft Azure AD.
All of this is achieved through an Application created as a “Group,” containing the users available for login to SmartCenter.
This way, it is possible to grant access to specific users or the entire organization.

To carry out the integration, follow the steps below:

1- Access the Azure portal at: https://portal.azure.com/
2-  Left side menu > All services.

3- Search for “Application” and go to > Application logs.

4- Register an application for the Company, which will be the “Group” of users to login > New registration.

5- When creating the record, enter the Name (SmartCenter AD Integration) and enter the URL: https://lad1-smartcenter.almaden.app/auth/azureAD/enter_your_code, Save and proceed.

6- When creating the application, you will be redirected to the Application Overview page, copy the information: Application ID (client) and Directory ID (tenant) and insert them in the respective fields below the SmartCenter.

7- Access the Authentication menu, add the url https://lad1-smartcenter.almaden.app/azure/code and enable the two options Access Tokens and ID Tokens, to securely authorize the accesses made.

8- Access the Certificates and Secrets menu, add a new customer secret.
Description: key_automatos.

9- After adding the customer secret, copy the column Value and enter it in the respective field below in SmartCenter.

10- Once this is done, the integration is complete. Then it will be necessary to associate users for Login.

11- Return to the Overview page and you will have the link to the page of the created application, as indicated in the image.

12- On the application management page, access the menu properties to define the required user role.

13- Once integrated with MS Azure AD, login will only be via main SmartCenter account and users managed in Azure AD (users previously created as subaccounts with email and password, will not have access).

Any user of Azure AD allowed to login, when performing the first access, will be automatically identified as a new subaccount in SmartCenter, therefore, it will be necessary for the account administrator to perform the association of Departments for this new subaccount..