Entra ID / Azure AD Single Sign-On

To configure SSO, please follow the instructions below.

Register an application by following the Microsoft guide "Quickstart: Register an app in the Microsoft identity platform".

Save the Entra ID / Azure AD tenant ID and the Application (client) ID for the newly created App Registration.

Create an application client secret, saving the generated value for later use in the deployment process.

Make note of the expiration date of the secret. Lakehouse Optimizer leverages secret stores for this sensitive value. Depending on the cloud environment, ensure that the Key Vault entry or the AWS Secrets Manager value is rotated before the secret expires.

Click “Add a platform” under Authentication to add a Web platform authentication configuration.

Under ‘Authentication’, enable the authorization endpoint to issue ‘ID tokens’.

If you’ve decided on a DNS name for the app, you can also update the Web Redirect URI at this time to include:

https://{dns record name}/login/oauth2/code/azure

You can also update this value after deployment. It must be configured correctly to enable Azure AD SSO.

 

Configuration is complete. Navigate back to the deployment page and continue with the rest of the deployment.
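
The following is an added example, not part of the Lakehouse Optimizer documentation: a small Python check that audits an app registration against the steps above (redirect URI present, ID token issuance enabled, client secret not expired or close to expiry). It assumes the registration has been exported as JSON in the shape returned by `az ad app show --id <client-id>`; the sample object, the DNS name lho.example.com and the 30-day warning window are constructed for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample in the shape `az ad app show --id <client-id>` returns
# (Microsoft Graph application object); every value here is made up.
SAMPLE_APP = json.loads("""
{
  "appId": "00000000-0000-0000-0000-000000000000",
  "web": {
    "redirectUris": ["https://lho.example.com/login/oauth2/code/azure"],
    "implicitGrantSettings": {"enableIdTokenIssuance": true}
  },
  "passwordCredentials": [
    {"displayName": "deploy-secret", "endDateTime": "2025-03-01T00:00:00Z"}
  ]
}
""")

def parse_ts(value):
    # Graph timestamps are UTC and may carry fractional seconds; keep whole seconds.
    return datetime.strptime(value[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def audit_app(app, dns_name, now, warn_days=30):
    """Return a list of findings; an empty list means the registration matches the steps."""
    findings = []
    web = app.get("web") or {}
    expected = f"https://{dns_name}/login/oauth2/code/azure"
    if expected not in web.get("redirectUris", []):
        findings.append(f"redirect URI missing: {expected}")
    if not (web.get("implicitGrantSettings") or {}).get("enableIdTokenIssuance"):
        findings.append("ID token issuance is not enabled")
    secrets = app.get("passwordCredentials", [])
    if not secrets:
        findings.append("no client secret present")
    for cred in secrets:
        end = parse_ts(cred["endDateTime"])
        name = cred.get("displayName") or cred.get("keyId", "unnamed")
        if end <= now:
            findings.append(f"secret '{name}' expired on {end.date()}")
        elif end - now <= timedelta(days=warn_days):
            findings.append(f"secret '{name}' expires in {(end - now).days} days")
    return findings

if __name__ == "__main__":
    for line in audit_app(SAMPLE_APP, "lho.example.com", datetime.now(timezone.utc)):
        print("FINDING:", line)
```

Running it on a schedule against the live registration gives advance warning to rotate the secret store entry before the client secret lapses.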