Azure OpenID

This guide covers deploying Azure OpenID as the authentication provider for Pyramid. Azure does not differ much from generic OpenID, but some key aspects are unique to it.

Note: This feature is available with Enterprise licensing only.

Azure OpenID Setup

Setup new App Registration

Log in to the Azure portal, navigate to 'App Registrations', and create a new registration.

Name the application, set the redirect URI type to Web, and set its value to https://Pyramidsite.pyramidanalytics.com/login/openid_callback

Click the Register button.

Create App Role

Go to Manage>App Role and click Create app role.

Then edit the role and set its allowed member types to Both (Users/Groups + Applications).

In the newly assigned app registration, save the Application (client) ID, and open the Endpoints list:

Setting the provider up in Pyramid

Open the authentication manager in the Pyramid admin console (Pyramid Admin>Security>Authentication) and click the Change Provider button.

Take all the setup information from the previous steps to fill in this form:

  • Endpoint URL: Authorization URL
  • Client ID: Client ID
  • Redirect URL: Redirect URI
  • Logout URL: the URL address that will be used when the user logs out of the Pyramid app
  • JSON Web Keys URI: https://login.microsoftonline.com/common/discovery/keys
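A pre-flight check of the values above before they are entered, as an added example that is not part of Pyramid or of the original guide. The function name and dictionary keys are hypothetical, the tenant and client IDs are constructed placeholders, and requiring https for the logout URL is an assumption of this check.

```python
import re
from urllib.parse import urlsplit

# Hosts and paths are taken from this guide and Microsoft's sign-in endpoints;
# the function name and dictionary keys are hypothetical.
MS_LOGIN_HOST = "login.microsoftonline.com"
CALLBACK_PATH = "/login/openid_callback"
GUID_RE = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)

def check_provider_settings(form, registered_redirect_uri):
    """Return a list of problems found in the values destined for the Pyramid form."""
    problems = []
    endpoint = urlsplit(form["endpoint_url"])
    if endpoint.scheme != "https" or endpoint.hostname != MS_LOGIN_HOST:
        problems.append("Endpoint URL is not an https URL on " + MS_LOGIN_HOST)
    elif not endpoint.path.rstrip("/").endswith("/authorize"):
        problems.append("Endpoint URL is not the authorization endpoint")
    if not GUID_RE.match(form["client_id"]):
        problems.append("Client ID is not a GUID; copy the Application (client) ID")
    redirect = urlsplit(form["redirect_url"])
    if redirect.scheme != "https":
        problems.append("Redirect URL must use https")
    if redirect.path != CALLBACK_PATH:
        problems.append("Redirect URL path must be " + CALLBACK_PATH)
    if form["redirect_url"] != registered_redirect_uri:
        problems.append("Redirect URL differs from the URI registered in Azure")
    jwks = urlsplit(form["jwks_uri"])
    if jwks.scheme != "https" or jwks.hostname != MS_LOGIN_HOST:
        problems.append("JSON Web Keys URI is not an https URL on " + MS_LOGIN_HOST)
    elif "/discovery/" not in jwks.path or not jwks.path.endswith("/keys"):
        problems.append("JSON Web Keys URI does not point at the discovery keys")
    if urlsplit(form["logout_url"]).scheme != "https":  # assumption of this check
        problems.append("Logout URL should use https")
    return problems

# Constructed sample values (placeholder tenant and client IDs, not real ones).
SAMPLE_FORM = {
    "endpoint_url": "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/authorize",
    "client_id": "11111111-2222-3333-4444-555555555555",
    "redirect_url": "https://Pyramidsite.pyramidanalytics.com/login/openid_callback",
    "logout_url": "https://Pyramidsite.pyramidanalytics.com/",
    "jwks_uri": "https://login.microsoftonline.com/common/discovery/keys",
}

if __name__ == "__main__":
    for problem in check_provider_settings(SAMPLE_FORM, SAMPLE_FORM["redirect_url"]) or ["no problems found"]:
        print(problem)
```

Pass the redirect URI exactly as it was typed into the Azure app registration as the second argument, so a mismatch is caught before the connection test.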

Test the setup and Initial User

Test the connection. If it works, you will get this pop-up:

Copy the External ID and paste it in the relevant field in the initial user setup.

User Provisioning Setup

The Azure OpenID provider can be used for auto provisioning in Pyramid. Click here for more details.

Save your changes

Click Apply to start the provider change over process. At this stage, the existing users attached to the previous authentication system need to be converted over.

Admins will be prompted to either:

  • Delete all existing users and delete their content
  • Convert old users to the new provider (through the user conversion wizard), and keep their content

Since this exercise cannot be rolled back once the changes are committed, admins need to step through this exercise carefully.