Here you can find instructions how to configure TrivoreID authentication to work with Azure AD. Configuring Azure AD itself is out scope of this document (only general requirements provided).
Configure TrivoreID
First, select User directories from main menu as shown below and click button Add directory.
You will be asked to select directory type. Select Azure AD.
Core settings
Configure necessary settings, including Name, Tenant, Client ID and Client secret. Depending on your use-case, you may also need to adjust Scope value. Default Scope value provides access to basic user information and is sufficient for most use-cases.
Appropriate values for Tenant, Client ID and Client secret all depend on the service provider (the organisation managing the Azure AD instance you are integrating to). Azure AD needs to be configured first before these values are available. You will need the Redirect URL (shown in picture) value when configuring Azure AD. Note that this value is different for every TrivoreID instance.
Field | Description |
|---|---|
Name | Any name you want to choose for this directory. |
Tenant | Azure AD instance unique identifier. |
Client ID | OpenID Connect client_id parameter. |
Client secret | OpenID Connect client_secret parameter. |
User information
After you have configured necessary core settings, you may need to adjust user attribute mappings. Default mappings are suitable for most cases.
Azure AD uses common user attribute mappings documented at Common settings . Photo URL is not yet implemented.