Kepion provides simple but secure access through single sign-on (SSO) with Azure AD. This article walks you through each step of the configuration process.
Complete the required steps to configure SSO with Azure AD, allowing you to better manage and secure your users' login credentials.
Step 1. Configure Azure AD
Before you can configure SSO with Azure AD, you need to have created an Azure app registration. Refer to this article if you haven't done so.
Step 2. Configure Kepion
Note: Azure AD is a default identity provider in Kepion. Users can start setting up SSO with it by completing the steps below.
1. Go to Azure AD and select Edit.
2. Select Enable for sign-in.
3. Select the relevant option from the Mode dropdown:
- Azure AD Standalone: Organization uses Azure AD to manage users and authentication. Users can sign in with their Azure credentials.
- Azure AD Integrated: Organization's on-premises Active Directory (AD) is integrated with Azure AD. Users can sign in with both their domain accounts and Azure credentials.
4. Copy the Tenant ID, Client ID, and Client Secret from your Azure Portal and paste each into the corresponding field.
5. (Optional) Enter a number in hours for Session Timeout. If left empty, the session timeout is set to 168 hours (7 days).
Tip: Enter decimals if you need to set the session timeout to smaller units than hours (e.g., 7.5 hours for 7 hours and 30 minutes).
6. Select Save.
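A pre-flight check for the values entered in Step 2, shown as an added example that is not part of Kepion or its documentation. The helper names and sample values are hypothetical and constructed; the Secret ID check is a heuristic based on the Azure Portal listing both a Value and a GUID-format Secret ID for each client secret.

```python
import math
import re
from datetime import timedelta

GUID = re.compile(r"^[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$")
DEFAULT_TIMEOUT_HOURS = 168  # per the page: empty Session Timeout means 168 hours


def session_timeout(raw):
    """Turn the Session Timeout field (hours, decimals allowed) into a timedelta."""
    raw = (raw or "").strip()
    if not raw:
        return timedelta(hours=DEFAULT_TIMEOUT_HOURS)
    hours = float(raw)  # ValueError for non-numeric input
    if not math.isfinite(hours) or hours <= 0:
        raise ValueError("timeout must be a positive number of hours")
    return timedelta(hours=hours)


def check_fields(tenant_id, client_id, client_secret, timeout=""):
    """Return a list of problems found in the values about to be pasted (hypothetical helper)."""
    problems = []
    for name, value in (("Tenant ID", tenant_id), ("Client ID", client_id)):
        if value != value.strip():
            problems.append(f"{name}: stray whitespace from copy/paste")
        if not GUID.match(value.strip()):
            problems.append(f"{name}: not in GUID format")
    if tenant_id.strip().lower() == client_id.strip().lower():
        problems.append("Tenant ID and Client ID are identical; one was pasted twice")
    secret = client_secret.strip()
    if not secret:
        problems.append("Client Secret: empty")
    elif GUID.match(secret):
        # Heuristic: the portal lists a GUID "Secret ID" next to the secret "Value".
        problems.append("Client Secret: looks like the Secret ID, not the secret Value")
    try:
        session_timeout(timeout)
    except ValueError as exc:
        problems.append(f"Session Timeout: {exc}")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    tenant = "11111111-2222-3333-4444-555555555555"
    client = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
    print(check_fields(tenant, client, "constructed~secret.value", "7.5"))
    print(check_fields(tenant, client + " ", "99999999-8888-7777-6666-555555555555"))
    print(session_timeout("7.5"))
```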
Step 3. (Optional) Manage Azure users in Kepion
If you manage Azure users in Kepion, you must also fill out the remaining fields. Follow the steps below.
1. Copy the App Registration ID and Enterprise Application ID from your Azure Portal and paste each into the corresponding field.
2. In the Invite Redirect URL field, enter the URL users will be redirected to after accepting the invitation to join Azure AD.
3. Select Save.
You're all done! Ensure users test their Kepion access to verify you've configured SSO correctly.