Support for Azure Active Directory depends on the Azure license type. If the users are on the Azure AD Premium level, user authentication is handled much as with on-premises AD, using user groups. If Azure AD is at the Basic level, user group handling is not available, and credentials must be handled by creating an Enterprise Application and giving users roles in that Enterprise Application. The user roles control the user level in Noah.
Azure Active Directory Setup using Groups
Noah Security for Azure Active Directory is set up in the Noah Console under User Administration – Security. When Azure Active Directory is selected for logging in, the Configuration needs to be updated. The following is a sample:
Client ID is the ID of the native App used for login credentials. In Azure AD administration, use App Registration to create a Native application:
Set the Redirect URI to, for example, http://noahnative
The Redirect Url in the Noah configuration must be set to the same value as this Redirect URI.
Change the App permissions settings; select App Registrations and select “All Apps” in the dropdown list.
Select the newly created App. Note the Application ID; it is used in Noah as the Client ID:
Continue to set permissions by clicking Settings – Required permissions – Windows Azure Active Directory.
Tick the two items “Access the directory as the signed-in user” and “Sign in and read user profile” and choose Save:
Resource in the Noah Configuration is: https://graph.windows.net/. This is a link to the Azure Active Directory (AD) Graph API used by Noah.
Authority is https://login.windows.net/[directory ID], where the Directory ID is found in Azure Active Directories – Property on the Directory. Note the Directory ID:
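The four Noah values above (Client ID, Redirect Url, Resource, Authority) can be cross-checked against what was noted in the Azure portal before anyone tries to log in. The following is an added example, not part of Noah or of the original page; the dictionary keys, the function name and the sample IDs are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
RESOURCE = "https://graph.windows.net/"   # Resource value given on this page
AUTHORITY_HOST = "login.windows.net"      # Authority host given on this page


def check_noah_config(noah, azure):
    """Return a list of mismatches; an empty list means the values line up.

    noah  -- values typed into the Noah Console (hypothetical dict keys)
    azure -- values noted from the Azure portal (hypothetical dict keys)
    """
    problems = []
    # Client ID must be the Application ID of the native App registration.
    if not GUID.match(noah["client_id"]):
        problems.append("Client ID is not a GUID")
    elif noah["client_id"].lower() != azure["application_id"].lower():
        problems.append("Client ID differs from the Application ID")
    # Assumption: compared as exact strings, so a trailing slash is a mismatch.
    if noah["redirect_url"] != azure["redirect_uri"]:
        problems.append("Redirect Url differs from the App's Redirect URI")
    if noah["resource"] != RESOURCE:
        problems.append("Resource differs from " + RESOURCE)
    # Authority is https://login.windows.net/[directory ID]
    parts = urlsplit(noah["authority"])
    directory_id = parts.path.strip("/")
    if parts.scheme != "https" or parts.hostname != AUTHORITY_HOST:
        problems.append("Authority is not under https://" + AUTHORITY_HOST + "/")
    elif not GUID.match(directory_id):
        problems.append("Authority does not end in a Directory ID")
    elif directory_id.lower() != azure["directory_id"].lower():
        problems.append("Authority points at a different directory")
    return problems


# Constructed sample values, not taken from a real tenant.
AZURE = {"application_id": "11111111-2222-3333-4444-555555555555",
         "redirect_uri": "http://noahnative",
         "directory_id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"}
NOAH = {"client_id": "11111111-2222-3333-4444-555555555555",
        "redirect_url": "http://noahnative/",     # stray trailing slash
        "resource": "https://graph.windows.net",  # trailing slash missing
        "authority": "https://login.windows.net/"
                     "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"}

if __name__ == "__main__":
    for problem in check_noah_config(NOAH, AZURE):
        print("MISMATCH:", problem)
```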