mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-24 12:07:08 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Docs: Authentication - Azure Active Directory

Browse source 
Signed-off-by: Pramit Singh <pramitsingh0@gmail.com>
This commit is contained in:
Gradience Team 2023-07-07 05:58:33 +05:30 committed by Philip Molares
parent deb80abdfb
commit adec78851c
9 changed files with 42 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

41
docs/content/guides/auth/azure-ad.md Normal file
View file

@ -0,0 +1,41 @@
# Authentication Guide: Azure Active Directory
1. Login or Sign-up on portal.azure.com
2. Navigate to Azure Active Directory from the homepage or the sidebar.
![azure active directory service in azure portal page](../../images/auth/azure-active-directory-navigation.png)
3. Navigate to App Registration
![where to create new app registration](../../images/auth/azure-active-directory-new-registration.png)
4. Enter Name "HedgeDoc". Then click on Register
![how to register an app](../../images/auth/azure-active-directory-register.png)
5. In the next page, click on `Add a certificate or secret` then navigate to `Client Secrets`.
Create a new client secret, add a description of your choice and copy the secret value.
![generate new secret key](../../images/auth/auzre-active-directory-new-secret.png)
6. Navigate to authentication page, then add a new platform. Select web as the platform.
![Authentication page showing how to add a new web platform](../../images/auth/azure-active-directory-authentication.png)
7. Set the `Redirect URI` to `https://YOURHOSTNAME/auth/oauth2/callback`. Check `ID Tokens` and uncheck `Access Token`.
![configuring redirection uri](../../images/auth/azure-active-directory-redirect-uri.png)
8. Retrieve the APPLICATION-ID and DIRECTORY-ID from the "Overview" section.
![Find application id and directory id from overview page](../../images/auth/azure-active-directory-overview.png)
9. Pass in your credentials as environment variables down below.
```sh
CMD_OAUTH2_USER_PROFILE_URL=https://your.azureprofileurl.com/auth/oauth2/callback
CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR=yourPrincipalName
CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR=displayName
CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR=email
CMD_OAUTH2_USER_PROFILE_ID_ATTR=id
CMD_OAUTH2_TOKEN_URL=https://login.microsoftonline.com/**DIRECTORY-ID**/oauth2/v2.0/token
CMD_OAUTH2_AUTHORIZATION_URL=https://login.microsoftonline.com/**DIRECTORY-ID**/oauth2/v2.0/authorize
CMD_OAUTH2_CLIENT_ID=APPLICATION-ID
CMD_OAUTH2_CLIENT_SECRET=CLIENT-SECRET
CMD_OAUTH2_PROVIDERNAME=AzureAD
CMD_OAUTH2_SCOPE=openid_offline_access
```