Azure AD Single Tenant SSO
Internal can leverage your single-tenant Azure AD instance to provide SSO for your Internal Spaces and Data Sources.
In Azure Portal:
- Log into the tenant you'd like to use with Internal
- Find your tenant ID
- Create a Service Application for your tenant
- From that Service Application, gather both of the appID values for login
In Internal:
- Click on "Company Settings" in the lefthand navigation panel
- Select the "Security" tab from the resulting view
- Click the table row labeled "Single Sign On"

- Select "Azure AD Single Tenant" from the dropdown at the top of the resultant pop-out

- Note that the callback URI is pre-populated with the correct URL for Internal's SSO redirect

- Enter the Tenant ID and appIDs collected from Azure Portal in the fields with their respective labels

- Test your configuration! You'll be prompted to log into your Azure AD instance. A successful login will redirect to Internal.

- Select the checkbox at the bottom of the pop-out to set SSO through Azure AD as a requirement for your entire Internal instance

- Click "Save" and take the new SSO for a test drive by signing out, clearing your browser cookies and cache, and signing back in.

Updated 3 months ago