Enable Microsoft Azure authentication

To enable Single Sign-On (SSO) with Microsoft Azure, you must first create a Microsoft Azure application and client secret and configure API access permissions. You will then use your application’s ID, client secret, and directory ID to link NXLog Platform to Microsoft Azure.

Create a Microsoft Azure application

  1. Log in to the Microsoft Azure portal and go to App registrations. Use the search bar at the top of the page if you don’t see it on your home page.

  2. Click New registration on the top-left or Register an application if this is your first application.

  3. Enter an application Name, for example, NXLog Platform.

  4. Choose the Supported account types.

  5. Specify the Redirect URI https://auth.nxlog.example.com/landing of platform type Web, replacing nxlog.example.com with your NXLog Platform domain. This is where Microsoft Azure will redirect users after authorization.

    Register a Microsoft Azure application
  6. Click the Register button to finish creating your application. Take note of the Application (client) ID and Directory (tenant) ID; you will need these to link NXLog Platform to Microsoft Azure.

    Microsoft Azure application overview

Create a client secret

  1. Click Certificates & Secrets under Manage.

  2. Click the Client secrets view and then click New client secret.

  3. Enter a description and choose an expiration period. Take into consideration that authentication will stop working after the expiration period.

  4. Click the Add button.

  5. Take note of the secret Value; you will need it to link NXLog Platform to Microsoft Azure.

    Create a Microsoft Azure client secret

Add API permissions

  1. Click API Permissions under Manage.

  2. Verify that User.Read for Microsoft Graph is listed under the configured permissions. If not, click Add a permission to add it.

    Microsoft Azure API permissions
  1. Log in to NXLog Platform and navigate to Administration > Tenant operations > Platform configuration.

  2. Look for the Microsoft Azure section under Social login.

  3. Enter your Microsoft Azure application ID, client secret, and directory ID in the Client ID, Secret, and Tenant ID fields.

  4. Enable the switch (green). NXLog Platform hides the Secret and Tenant ID and enables SSO authentication with Microsoft Azure.

    NXLog Platform Microsoft Azure authentication

Invite users to NXLog Platform

Before users can sign in using Microsoft Azure, you must invite them to NXLog Platform using their email address, and they must accept the invitation to create an account. See Manage organization users for more information.