
Connect Azure AD as an External IDP with Gluu Server through Passport

Requirements

  • Azure AD administration portal
  • Gluu Server with Passport installed

Register Application at Azure Portal

  1. Log in to the Azure Portal
  2. Go to Microsoft Entra ID (previously known as Azure AD)
  3. Go to Enterprise applications (left sidebar)
  4. New Application > Create your own application
  5. Set your application name, choose the second application type (Register an application to integrate with Microsoft Entra ID (App you're developing)), then click Create


  6. On the next page, choose the account type (single tenant)
  7. Click Register


Configure Application

Go to Enterprise applications again; you will see a list of applications there.

  1. Select the application you just created in the steps above
  2. Go to Users and groups and add some users
  3. Go to Single sign-on > Application Settings. You will see the details of the application
  4. From Endpoints, you will get an OpenID configuration endpoint, which may look like this: https://login.microsoftonline.com/[Directory (tenant) ID]/v2.0/.well-known/openid-configuration


Grab:

  • The issuer, from the OpenID configuration URL
  • The Application / Client ID
  • The client credential (go to client credential > create a client secret and copy the value)

Create Provider at Gluu Server

Create a Passport provider in the Gluu Server, as shown in the image below.

Screenshot 2023-12-27 at 09 56 14

  • client_id: Azure application/client ID
  • client secret: application client credential
  • issuer: application issuer URL
  • scope: openid, email, profile
  • token_endpoint_auth_method: client_secret_post
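
A pre-flight check on the discovery document before the values above go into the provider form, as an added example that is not part of the Gluu documentation. The helper name `check_discovery`, the placeholder tenant ID and the sample document are constructed for illustration; in practice the document is fetched from the OpenID configuration endpoint.

```python
import json
import re
from urllib.parse import urlsplit

# Constructed sample input: a trimmed discovery document for a placeholder tenant ID.
TENANT = "00000000-0000-0000-0000-000000000000"
DISCOVERY_URL = f"https://login.microsoftonline.com/{TENANT}/v2.0/.well-known/openid-configuration"
SAMPLE_DOC = json.dumps({
    "issuer": f"https://login.microsoftonline.com/{TENANT}/v2.0",
    "scopes_supported": ["openid", "profile", "email", "offline_access"],
    "token_endpoint_auth_methods_supported": ["client_secret_post", "private_key_jwt"],
})

SUFFIX = "/.well-known/openid-configuration"
SCOPES = ["openid", "email", "profile"]   # scope value from the provider form
AUTH_METHOD = "client_secret_post"        # token_endpoint_auth_method from the form
GUID = re.compile(r"[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}", re.I)


def check_discovery(discovery_url, raw_doc):
    """Return (provider_settings, problems); hypothetical helper, not a Gluu API."""
    doc = json.loads(raw_doc)
    issuer = doc.get("issuer", "")
    problems = []
    # OIDC Discovery: the issuer plus the well-known suffix must equal the URL it was served from.
    if issuer.rstrip("/") + SUFFIX != discovery_url:
        problems.append("issuer does not match the discovery URL")
    # Single-tenant registration: the first path segment must be a directory GUID,
    # not "common", "organizations" or an unexpanded "{tenantid}" template.
    parts = urlsplit(issuer)
    tenant = parts.path.strip("/").split("/")[0]
    if parts.scheme != "https" or not GUID.fullmatch(tenant):
        problems.append("issuer is not an https, tenant-specific URL")
    missing = [s for s in SCOPES if s not in doc.get("scopes_supported", [])]
    if missing:
        problems.append("scopes not advertised: " + ", ".join(missing))
    if AUTH_METHOD not in doc.get("token_endpoint_auth_methods_supported", []):
        problems.append(AUTH_METHOD + " not advertised by the token endpoint")
    settings = {"issuer": issuer, "scope": SCOPES, "token_endpoint_auth_method": AUTH_METHOD}
    return settings, problems


if __name__ == "__main__":
    settings, problems = check_discovery(DISCOVERY_URL, SAMPLE_DOC)
    print(json.dumps(settings, indent=2))
    print("problems:", problems or "none")
```

An empty problem list means the issuer is safe to paste into the form as-is; a mismatch usually means the document came from a multi-tenant endpoint rather than the single-tenant one registered above.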

After creating the provider, copy the callback URL, which we are going to add to the Azure application.

Add Redirect URI in the application

  • Go to the application
  • Select Authentication
  • Add Platform > Web > add redirect URI


We are done. You can test from the Gluu Server using the Passport social authentication method. See the video here