Skip to content

Adding login with Microsoft Account⚓︎

  1. Ensure you comply with the pre-requisites at Pre Requisites Virtual Networks and Pre Requisites (in that order) and that you have sufficient permissions to create new App Registrations in Microsoft Entra ID.
  2. In Azure Portal, navigate to Microsoft Entra ID.
  3. In the top-left corner of the Microsoft Entra ID page, click "Add -> App registration".
  4. In the next page, choose a name for your app. We recommend a memorable and unique name so you can easily reference this registration in the future.
  5. Choose which accounts can access your registration/app. We recommend setting "Accounts in this organizational directory only" (usually the default option), as this limits logins to users in your organization.
  6. Set your redirect URI: set platform to Web and the URI to something like https://my.domain.net/signin-microsoft .
    1. If you have a Custom Domain set according to Adding A Custom Domain, set "my.domain.net" to that value.
    2. If you do not have a Custom Domain, use the default domain Azure assigned to the smart-documentor Container App. You can find this by navigating to the smart-documentor resource and copying the URL in the Initial/Overwiew page in the top right under Application Url.
  7. Your final registration will look something like this. Hit "Register" once done.
  8. In the registrations' page, head to "Certificates and Secrets" and click "New client secret". Name your secret and assign it a suitable expiration according to your compliance and security requirements.
  9. Once created, copy the Value of the created secret to a secure temporary place. You won't be able to view this value after you leave this page.
  10. Navigate to the "Overview" tab of the app registration, and copy the Application (client) ID value.
  11. With these two values copied, navigate to the resource group and find the Key Vault resource with the name kv-app-config-xxxxxx , where the last 6 characters are unique to your deployment.
    1. Click the "Secrets" tab under "Objects" on the left.
    2. Add the following three secrets with the following parameters:
    3. Name: Authentication--EntraId--Active , with value true.
    4. Name: Authentication--EntraId--Settings--ClientId , with the value set to the Client ID you copied in the previous step.
    5. Name: Authentication--EntraId--Settings--ClientSecret , with the value set to the Secret Value you copied in the previous step.
  12. Navigate to the smart-documentor Container App and click the "Containers" tab under "Application". In this page, click "Save as a new revision" and wait until the revision is applied. If "Save as a new revision" is not available, simply disable and re-enable the container in the "Overview" tab.
  13. If your open SmartDocumentor in your browser, the login page should now display a "Login with Microsoft" button.

Info

"Save as a new revision" is equivalent to an application restart. For configuration secrets to be applied, a restart is always necessary.