Azure AD Auth Module
Azure AD authentication module lets you integrate Space with Microsoft identity platform also known as Azure Active Directory (Azure AD).
When you confugure and enable the Azure AD authentication module in Space:
Space users will be able to log in to Space with their Microsoft credentials including:
work or school accounts (provisioned through Azure AD)
personal Microsoft accounts (such as Skype, Outlook.com)
Space users will have fewer accounts and passwords to remember.
New users with Microsoft accounts will be able create their own accounts in Space.
Enable Azure AD authentication
To enable Azure AD authentication, configuration is required on both the Azure Portal and Space sides.
Get Redirect URI from Space
On the navigation bar, click Administration and choose Auth Modules.
Click New auth module. The New Auth Module dialog opens.
From the Type drop-down list, select Azure AD.
On the New Auth Module form, copy the Redirect URI which is shown under the Client ID field.
Register your Space organization with your Azure AD tenant
In a new browser tab or window, sign in to Azure Portal.
Register (set up) a new application. To register it, follow the Azure instructions and the notes below:
Name - enter a meaningfull name associated with your Space organization.
Redirect URI - select Web then enter the Redirect URI you copied from the New Auth Module form in Space.
Provide Azure-generated parameters to Space
In Azure Portal, open your newly registered application:
Copy the following values:
Application (client) ID
Directory (tenant) ID
and paste them into the corresponding fields (Client ID and Tenant ID of the Azure AD auth module form in Space.
In Azure portal, generate a Client secret. Go to the Certificates & secrets section of your applicaton and press New client secret:
Copy the Client secret value and paste it into the corresponding field of the Azure AD auth module form in Space.
Choose the authentication options and enable the Azure AD auth module
On the New Auth Module form in Space, choose the following options:
On— Accounts in the Space organization will be created automatically for unregistered users who log in using Active Directory authentication module.
Off— Active Directory logins will be only available to users who already have an account in the Space organization.
Trust email verification
If checked, Space will accept all user email addresses from by Azure AD as verified.
Switch the Azure AD auth module status to Active.
Click Create to save your settings and enable the module.