Azure AD Single Tenant SSO
Internal can leverage your single-tenant Azure AD instance to provide SSO for your Internal Spaces and Data Sources.
In Azure Portal:
- Log into the tenant you'd like to use with Internal
- Find your tenant ID
- Create a Service Application for your tenant
- From that Service Application, gather both of the appID values for login
- Click on "Company Settings" in the lefthand navigation panel
- Select the "Security" tab from the resulting view
- Click the table row labeled "Single Sign On"
- Select "Azure AD Single Tenant" from the dropdown at the top of the resultant pop-out
- Note that the callback URI is pre-populated with the correct URL for Internal's SSO redirect
- Enter the Tenant ID and appIDs collected from Azure Portal in the fields with their respective labels
- Test your configuration! You'll be prompted to log into your Azure AD instance. A successful login will redirect to Internal.
- Select the checkbox at the bottom of the pop-out to set SSO through Azure AD as a requirement for your entire Internal instance
- Click "Save" and take the new SSO for a test drive by signing out, clearing your browser cookies and cache, and signing back in.