Azure Active Directory (AD) Integration

Ascend can integrate with Azure Active Directory (AD) for SSO authentication purposes. In order to configure the Azure AD SSO, please go through the following steps:

🚧

Ascend only supports OAuth2-based authentication for Azure AD. For a general reference of the Azure AD Web app registration you'll be configuring here, please review these official MS docs.

1. Collect the Tenant ID for the Azure AD.
2. In Azure AD, select "New Registration", name the registration.
3. In the registration, go to "Authentication" and add a Web Redirect UI with a value of: https://<your ascend subdomain>.ascend.io/authn/provider/azureadv2/callback

🚧

Tenancy

Ensure that you select "Single tenant" for Supported account types here. This will ensure that only users from your Active Directory can log in.

4. Select Certificates and Secrets and select "New client secret" to create a new Client Secret for this registered app.
5. Ensure that the secret is created with a maximum expiration time.

6. Encrypt your Client ID, Client Secret, and Tenant ID here and send the encrypted blob to [[email protected]](mailto:[email protected]).

After this is set up, your users will be able to authenticate into Ascend through Azure AD SSO.