1.0 Setting Azure Active Directory Authentication
This feature allows users to configure accounts so that they can authenticate using the Azure Active Directory (Azure AD) of an Azure tenant. OpenID Connect over OAuth 2.0 (OAuth) is used as the authentication protocol.
1.1 Prerequisite
Users must sign up for Fortanix CCM or be invited to a Fortanix CCM account before they can log in to that account using Azure AD.
1.2 Enable Azure AD
To add Azure AD as the OAuth identity provider:
Go to the Settings page in Fortanix Confidential Computing Manager and click the Authentication menu item in the left navigation panel of the CCM UI.
Figure 1: Settings Page
On the Authentication page, enable the toggle for Microsoft Entra ID to allow users to log in to the Fortanix CCM account and authenticate using single sign-on with Microsoft Entra ID credentials. Click SAVE to save this setting.
Figure 2: Enable Microsoft Entra ID
When the toggle is disabled, users will not be able to authenticate using Microsoft Entra ID credentials. They can still authenticate to their Fortanix CCM account using the email address and password provided during user signup.
When the user logs in to Fortanix CCM in the next session, the login screen shows two options:
Log in with Azure AD (with SSO)
Log in with Password (Without SSO)
Figure 3: Log in with SSO