GuidesAPI ReferenceSign-UpRecipes
Guides
Start typing to search…

Azure Active Directory (AD)

Azure Active Directory (AD) is a cloud-based identity and access management service provided by Microsoft. Integrating Azure AD with DataGuard CPM enables Single Sign-On (SSO) for your users, allowing them to authenticate using their existing Azure AD credentials.

Setting Up Authentication

To set up authentication with Azure AD, follow these steps:

1. Create an Application in Azure AD

  1. Log in to Azure AD and navigate to "App registrations."

  2. Click "New registration."

  3. Enter a name for the registration, such as "DataGuard CPM."

  4. Select the appropriate account type for your organisation.

  5. Under "Redirect URI," select "Web" from the dropdown menu.

  6. Enter the appropriate URL based on your environment:

    EnvironmentAuth0 URL
    Sandboxhttps://sandbox-consentric.eu.auth0.com/login/callback
    Production EUhttps://dgconsentde.eu.auth0.com/login/callback
    Production UKhttps://consentric.eu.auth0.com/login/callback

  7. Click "Register."

2. Create a Client Secret

  1. Go to "Certificates & secrets" in your Azure AD application.
  2. Click on "Client secrets."
  3. Select "New client secret."
  4. Provide a name for the secret, such as "DataGuard CPM SSO."
  5. Choose an expiration time for the secret.
  6. Click "Add."

3. Provide Information to DataGuard

Send the following information to your DataGuard customer success manager:

  • Primary Domain: Found on the Azure AD Overview page.
  • Application (client) ID: The ID for the App Registration you created.
  • Client Secret Value: The value of the secret created in the previous step.

Setting Up Authorisation

To authorise users in DataGuard CPM, follow these steps:

1. Create User Groups in Azure AD

Azure AD handles user authentication, but to grant specific permissions within DataGuard CPM, you need to create user groups:

  • DG_Permissions_Agent: Allows the user to view Citizen information stored in the CPM instance.
  • DG_Permissions_Admin: Allows the user to configure the CPM instance.

2. Assign Users to Groups

Add users to these groups based on the level of access they require. This ensures that once SSO is set up, users will have the appropriate permissions when they sign in.

Updated about 2 months ago