How to create Azure Active Directory application


One of the authentication options provided in Conduit is Azure Active Directory.
Conduit enables single sign-on for all users accessing data sources, as well as central authorization via AD groups.

Conduit allows users to establish a link with an Azure Active Directory (AAD) subscription. This gives administrators the option to manage their organization's data access policies centrally in AAD so that they translate automatically to Conduit. This helps to streamline the data that users can explore.

Enabling Active Directory login requires an Active Directory app registration. The following properties of that registration need to be filled in Conduit:

  • Active Directory Authority

  • Application ID

  • Client Secret

This tutorial guides you through creating the app registration and finding the above properties.

 

Instructions to create an AAD App registration

Step by step guide to create a new Azure Active Directory App registration

Step 1) Navigate to new registration

Step 1.1) Navigate to Azure Active Directory

Step 1.2) Click on App Registrations

 

Step 1.3) Click on New Registration

 

Step 2) Create new registration

  • provide a user-friendly name for your app

  • select account type

    • “Accounts in this organizational directory only (YOUR-TENANT)”

  • click register

 

Step 3) Configure Redirect URIs

Step 3.1) Note the following Conduit redirect URLs in a notepad:

USER_LOGIN_URL

  • HTTP_PROTOCOL://CONDUIT_FQDN/login/oauth2/code/azure/user

    • e.g. https://conduit-my-deployment.com/login/oauth2/code/azure/user

SUBSCRIPTION_VALIDATION_URL

  • HTTP_PROTOCOL://CONDUIT_FQDN/login/oauth2/code/azure/subscription/validation

    • e.g. https://conduit-my-deployment.com/login/oauth2/code/azure/subscription/validation

LOGOUT_URL

  • HTTP_PROTOCOL://CONDUIT_FQDN/logout/oauth2

    • e.g. https://conduit-my-deployment.com/logout/oauth2

 

Step 3.2) Open new app registration 

Navigate to your newly created app registration, e.g. conduit-tutorial-activedirectory-app

  • open Azure Active Directory → App registrations → select “All applications” tab → search for the name provided in the previous step

 

Step 3.3) Add USER_LOGIN_URL redirect URI

  • click on Authentication

  • click on “Add a platform”

  • click on “Web”

 

  • add USER_LOGIN_URL as an authorized Redirect URI

  • click “Configure”

Step 3.4) Add SUBSCRIPTION_VALIDATION_URL redirect URL

  • click on “Authentication”

  • click on “Web” → “Add URI”

  • add SUBSCRIPTION_VALIDATION_URL

 

Step 3.5) Add LOGOUT_URL redirect URL

  • click on “Authentication”

  • navigate to “Front-channel logout URL”

  • add LOGOUT_URL

Step 3.6) Save authentication settings

  • click “Save”

  • remaining settings can be left on default values
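
The Step 3 values can be checked before they are pasted into the portal. The following is an added example, not Conduit's or Microsoft's code: it builds the three URLs from Step 3.1, rejects plain http for any host other than localhost as well as wildcards and stray paths, and prints the Step 2 and Step 3 settings as Microsoft Graph application properties. The function names are hypothetical, and applying the https rule to the logout URL is this example's own policy.

```python
import json
import re

# Paths are the ones listed in Step 3.1 of this tutorial.
PATHS = {
    "USER_LOGIN_URL": "/login/oauth2/code/azure/user",
    "SUBSCRIPTION_VALIDATION_URL": "/login/oauth2/code/azure/subscription/validation",
    "LOGOUT_URL": "/logout/oauth2",
}
# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def conduit_urls(protocol: str, fqdn: str) -> dict:
    """Build the three Conduit URLs, refusing values that weaken the registration."""
    protocol = protocol.lower()
    host, _, port = fqdn.partition(":")
    if not host or not all(LABEL.fullmatch(label) for label in host.split(".")):
        raise ValueError(f"not a plain host name (no scheme, path or wildcard): {fqdn!r}")
    if port and not port.isdigit():
        raise ValueError(f"invalid port in {fqdn!r}")
    if protocol not in ("http", "https"):
        raise ValueError(f"unsupported protocol: {protocol!r}")
    # http would expose the authorization code in transit; Azure AD accepts
    # http web redirect URIs only for localhost. Applied to all three URLs here.
    if protocol == "http" and host.lower() != "localhost":
        raise ValueError("use https for any host other than localhost")
    return {name: f"{protocol}://{fqdn}{path}" for name, path in PATHS.items()}


def graph_application_fragment(display_name: str, urls: dict) -> dict:
    """Settings from Steps 2 and 3 as Microsoft Graph application properties."""
    return {
        "displayName": display_name,
        "signInAudience": "AzureADMyOrg",  # this organizational directory only
        "web": {
            "redirectUris": [urls["USER_LOGIN_URL"], urls["SUBSCRIPTION_VALIDATION_URL"]],
            "logoutUrl": urls["LOGOUT_URL"],  # front-channel logout URL
        },
    }


if __name__ == "__main__":
    # Host and app name are the tutorial's own example values.
    urls = conduit_urls("https", "conduit-my-deployment.com")
    print(json.dumps(graph_application_fragment("conduit-tutorial-activedirectory-app", urls), indent=2))
```
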

 

Step 4) Configure Client Secret

Step 4.1) Create a secret

Navigate to your newly created app registration, e.g. conduit-tutorial-activedirectory-app

  • open Azure Active Directory → App registrations → select “All applications” tab → search for the name provided in the previous step

  • click on “Certificates & secrets”

  • add a user-friendly description for your secret

  • select expiration policy

  • click “Add”

 

Step 4.2) Copy the SECRET_VALUE into a notepad

  • !!! client secret can only be viewed at this stage !!!

    • copy the value to a safe location

    • you cannot view the secret later if you navigate away from this page

    • a new secret can be created later, but this secret cannot be read again

 

 

 

Find Active Directory Authority

Navigate to your newly created app registration, e.g. conduit-tutorial-activedirectory-app

  • open Azure Active Directory → App registrations → select “All applications” tab → search for the name you gave the app registration

  • click on “Overview”

  • copy Directory (tenant) ID

    • this is your Active Directory Authority

 

 

Find Application ID

Navigate to your newly created app registration, e.g. conduit-tutorial-activedirectory-app

  • open Azure Active Directory → App registrations → select “All applications” tab → search for the name you gave the app registration

  • click on “Overview”

  • copy Application (client) ID

 

Find Client Secret

The client secret can only be read at the moment it is created (Step 4.2).

See the section “Instructions to create an AAD App registration” above.

 

 
