User's Guide: Azure Active Directory Authentication

1.0 Setting Azure Active Directory Authentication

This feature allows users to configure accounts so that they can authenticate using the Azure Active Directory (Azure AD) of an Azure tenant. OpenID Connect over OAuth 2.0 (OAuth) is used as the authentication protocol.

1.1 Prerequisite

Users must sign up for Fortanix CCM or be invited to a Fortanix CCM account before they can log in to that account using Azure AD.

1.2 Enable Azure AD

To add Azure AD as the OAuth identity provider:

  1. Go to the Settings page in Fortanix Confidential Computing Manager and click the Authentication menu item in the left navigation panel of the CCM UI.

    Figure 1: Settings Page

  2. On the Authentication page, enable the toggle for Microsoft Entra ID to allow users to log in to the Fortanix CCM account and authenticate using single sign-on with Microsoft Entra ID credentials. Click SAVE to save this setting.

    Figure 2: Enable Microsoft Entra ID

  3. When the toggle is disabled, users will not be able to authenticate using Microsoft Entra ID credentials. They can still authenticate to their Fortanix CCM account using the email address and password provided during user signup.

  4. The next time the user logs in to Fortanix CCM, the login screen shows two options:

    1. Log in with Azure AD (with SSO)

    2. Log in with Password (Without SSO)

    Figure 3: Log in with SSO