search

Microsoft

hashtag
Sample Configuration

hashtag
Values You Would Require at SSO Provider

Devtron provides a sample configuration out of the box. There are some values that you need to either get from your SSO provider or give to your SSO provider.

hashtag
Values to Fetch

  • clientID

  • tenantID (required only if you want to use Azure AD for auto-assigning permissions)

    Fetching Client ID and Tenant ID

  • clientSecret

    Fetching Secret

hashtag
Values to Provide

  • redirectURI (provided in SSO Login Services by Devtron)

    Copying Redirect URI from Devtron
    Pasting Redirect URI

hashtag
Reference

hashtag
Auto-assign Permissions arrow-up-right

circle-info

Make sure to add tenantID in the SSO configuration field without fail.

Since Microsoft supports Active Directory (AD)arrow-up-right , this feature further simplifies the onboarding process of organizations having a large headcount of users. It also eliminates repetitive permission assignment by automatically mapping your Azure AD groups to Devtron's Permission Groups during single sign-on (SSO) login.

Enabling Permission Auto-assignment

If you've defined groups in your Active Directory, you can create corresponding permission groups in Devtron with the same names. When members of those Active Directory groups first log in to Devtron, they'll automatically inherit the permissions from their Devtron permission group. This means you can't manually adjust or add individual permissions for users mapped to a permission group.

circle-exclamation

SSO login requires exact matching between Devtron permission group names and AD groups. Any discrepancies or missing groups will prevent successful login.

Once you save the configuration with this feature enabled, existing user permissions will be cleared and the future permissions will be managed through permission groups linked to Azure Active Directory (Microsoft Entra ID) groups.

circle-info

If your AD permissions aren't reflecting in Devtron, a quick sign-out and sign-in can resolve the issue.

PreviousGitLabNextLDAP

Last updated