Show/Hide Toolbars

Thereforeā„¢ Help

Tutorials > Solution Designer > Access > Authentication > External User Directories > Azure Active Directory

Integrate Azure Active Directory into Thereforeā„¢ as a User Directory

 Scroll

Please take the following steps in Azure Active Directory.

 

Info

Note: User names/passwords do not need to be created in Thereforeā„¢ when using Azure Active Directory as a cloud based user directory. Thereforeā„¢ takes the users and groups defined in Azure Active Directory and authenticates the user in Azure Active Directory only, it then logs into Therefore using OpenId Connect tokens.

 

1.For the Openid Connect token, we need to create a new client ID in the Azure Tenant. This is a required prerequisite for this feature to work. Below are the step-by-step instructions to create such a client application for Thereforeā„¢.

 

Open your Azure Active Directory and click on App registrations, then New registration:

SD_T_AuthMeth_AdminTasks_AAD_001

2.Register a new app.

 The Name can be any given name , it does not need to be ā€˜Therefore Client Loginā€™.

 Set Supported account types to Accounts in this organizational directory only.

 Under Redirect URI, select Web and use http://localhost:64957/redirect.

SD_T_AuthMeth_AdminTasks_AAD_0002

3.Once the application has been registered, click on Authentication and make the following changes under Platform Configurations:

a.Add the following Redirect URIs under Web. Replace <server> with the name of your Thereforeā„¢ server:

http(s)://<server>/TWA/Client/WEB/Login/SSOLogin.aspx

http(s)://<server>/TWA/signin

SD_T_AuthMeth_AdminTasks_AAD_0003a

b.Under Implicit grant and hybrid flows, select both Access tokens (used for implicit flows) and ID tokens (used for implicit and hybrid flows). Click Save to proceed.

SD_T_AuthMeth_AdminTasks_AAD_0003b

4.Click Add a platform and click Mobile and Desktop applications.

SD_T_AuthMeth_AdminTasks_AAD_0006a

5. Select the checkbox for the URI ending with native client. Custom redirect URIs can be left empty in most cases.

SD_T_AuthMeth_AdminTasks_AAD_0007a

info

Note:

Redirect URIs for other Thereforeā„¢ applications such as the Thereforeā„¢ Go app can be found here.

If you are using the System Browser on the Thereforeā„¢ Go app, a Custom redirect URI must be configured. Please find it here.

 

6.Optional: Go to the Branding tab and change the entries as desired.

SD_T_AuthMeth_AdminTasks_AAD_006

7.In the Overview section, make a note the Client ID. This is required for configuring the Thereforeā„¢ settings.

SD_T_AuthMeth_AdminTasks_AAD_007

8.Proceed by creating a custom client application.

Ā© 2024 Therefore Corporation, all rights reserved.