LogoLogo
HomePricingSelf-hosted docsAPI docsLogin
  • Home
  • Login to hava
  • Developer
  • Getting Started
    • Quickstart
      • Create New Account
      • Import Demo Data
      • Creating Environments
      • Exporting Diagrams
  • AWS Marketplace
  • Using Hava
    • Providers & Sources
    • Environments
      • Creating Environments
      • Filtering Environments
  • Importing Data
    • Demo Data
    • AWS
      • Getting Started with AWS
        • Cross Account Role
        • Read Only IAM User
        • Minimum Access IAM User
      • AWS Supported Resources
      • AWS Views
        • Infrastructure
        • Security
        • Container - ECS
        • List
    • Azure
      • Getting Started with Azure
        • Powershell
        • Azure Portal
      • Azure Supported Resources
      • Azure Views
        • Infrastructure
        • Azure Security View
        • List
    • Google Cloud
      • Getting Started with GCP
        • Service Account
        • Import Multiple Projects
        • Enabling APIs
      • GCP Supported Resources
      • GCP Views
        • Infrastructure
        • List
    • Kubernetes
      • Getting Started with Kubernetes
        • Read Only Kubeconfig
        • Automatic Import of Managed Kubernetes
          • AWS EKS Cluster Configuration
        • Converting certificate files to certificate data fields
      • Kubernetes Supported Resources
      • Kubernetes Views
        • Container
        • List
    • Import Errors
  • Discover
    • Importing
    • Searching
      • Search Overview
      • Search Syntax
        • VPC Search
        • Wildcard Search
        • Tag Search
        • Deep Search
      • Search Examples
        • Discover Resources From Regions
        • Create a multiple VPC diagram
        • Defining Custom Environments
    • Versioning
      • Tracking Changes in Cloud Architecture
    • Manual Sync
  • Diagram
    • Listing Environments
      • Filtering Environments
      • Favouriting Environments
    • Viewing Environments
      • Diagram Controls
      • Diagram Layout
      • Switch Between Views
      • Diagram Canvas Resource Filters
    • Draw Custom Connections
  • Diagnose
    • Architectural Monitoring Alerts
    • Attributes
    • Cost Estimation
    • Diff View - Comparing Diagrams
    • Infrastructure
      • View Route Tables
      • View ACLs
      • View Security Groups
    • Reports
      • AWS Compliance Reports
  • Document
    • Environment Notes
    • Embed
    • Exporting Diagrams
    • Edit
      • Draw.io
  • Collaboration
    • Teams
    • Inviting Users
    • Disabling users
    • SSO/SAML
      • Overview
      • Azure AD - SAML Setup
      • Azure AD - OIDC Setup
      • Okta - SAML Setup
      • Okta - OIDC Setup
      • Trouble Shooting SSO
    • Project folders
  • Integrations
    • AWS Control Tower
    • CLI
    • Confluence Cloud
    • GitHub
    • Terraform
  • API
    • API Docs
  • Account & Billing
    • Types Of Hava Accounts
    • Change Subscription
    • Switch to AWS marketplace
    • Change Password
    • MFA
    • Download Invoice
    • Cancel Account
    • Account Audit Log
  • Quick Look
    • Quick AWS Overview
    • Security Overview
    • Customize the Hava Dashboard
Powered by GitBook
On this page
  • Step by step guide
  • 1. Go to Account Settings
  • 2. Select SSO Config
  • 3. Select OIDC
  • 4. Take note of the Service provider details
  • 5. Navigate to Azure Active Directory
  • 6. Start creating a new registration
  • 7. Register Application
  • 8. Create a secret
  • 9. Configure and Save secret
  • 10. Save the secret key
  • 11. Get Application Details
  • 12. Configure OIDC
  • 13. Enable Configuration

Was this helpful?

  1. Collaboration
  2. SSO/SAML

Azure AD - OIDC Setup

Guide for setting up SSO with Azure AD using OIDC

PreviousAzure AD - SAML SetupNextOkta - SAML Setup

Last updated 1 year ago

Was this helpful?

The Azure AD SSO integration allows for a centralised and secure login process for businesses that utilise Azure AD as their identity provider.

OICD allows you to set up an application in AzureAD to manage access to accounts in Hava.

Step by step guide

1. Go to Account Settings

On the top right, press the account preferences icon and select account settings from the drop-down menu

2. Select SSO Config

From the menu on the left, select SSO Config to bring up the SSO Configuration screen

3. Select OIDC

Azure AD can use SAML or OIDC as the way to integrate their identity platform with Hava. From the two choices ('SAML' and 'OIDC') select OIDC.

4. Take note of the Service provider details

You should be presented with a screen showing you two sections, Identity Provider, and Service Provider. In this case the Identity Provider is represented by Azure AD and the Service Provider is Hava.

Take note of the Sing-in Redirect URL attribute in the Service Provider section, as we will use these when setting up Azure AD.

5. Navigate to Azure Active Directory

In the Azure Portal, go to the Azure Active Directory service, and select App registrations from the menu on the left side.

6. Start creating a new registration

Click the New registration button on the top of the screen to start the process for setting up a new application registration.

7. Register Application

You will be presented with a form where we will configure two values:

  • Give the application a name that people will recongnize (e.g. hava.io)

  • In the optional Redirect URI

    • Select Web as the platform

    • And put in the Sign-in Redirect URL from the Hava OIDC configuration screen

Finally press Register on the bottom of the form. Leave the other values as they are.

8. Create a secret

Next we need to create a secret to secure the connection between Hava and AzureAD.

On the left menu, select Certificates & secrets and then under Client secrets click New client secret

9. Configure and Save secret

In the pane that opens, give the secret a descriptive name and select the expiry for the key

Press Add to save the secret.

10. Save the secret key

The value attribute contains the secret key that we need to provide to Hava, save that. Ignore the Secret ID , we will not be using that.

11. Get Application Details

On the overview page there are two values we will need.

Save the Application (client) ID and the Directory (tenant) ID values, we will use those in the next step

12. Configure OIDC

Go back to Hava and press the Add OIDC Config button

In the form that comes up add these values:

  • Identity Provider Host: login.microsoftonline.com/TENANT_ID/v2.0 where TENANT_ID is substituted with the Directory (tenant) ID from step 11

  • OIDC Client Id: Application (client) ID from step 11

  • OIDC Client Secret: value from step 10

Press Save to save the configuration.

13. Enable Configuration

Last step is to press the green Enable button on the OIDC Configuration page. Once this is done, you are ready to test the SSO integration from Azure AD.

Open Your Account Settings
Select SSO Config
Enable SSO