Connect to Active Directory

[kkaufmes30]

To be able to login with an University-LDAP, the Project should be connected to an Active Directory

[kkaufmes30]

Implementation of an Active Directory

To implement an active directory, a Microsoft account and a free Azure account is needed.

A Microsoft Account can be created here

A free Azure Account can be created here

A more detailed guide and breakdown than the following steps can be found here.

---

Step 1: Search for "Azure Active Directory" in the Azure Portal

Step 2: Registration of the App in the Azure Portal. Use http:https://localhost:3000/api/auth/callback/azure-ad as a redirection route, when asked. (More Information + Tutorial)

Step 3: Create Client secret under "Client Credential" and retrieve following values:

• Application (client) ID
• Directory (tenant) ID
• Client secret (value)

Step 4: After setup in the Azure Portal has been completed, some changes need to happen in the Code.

Certain Environment Variables have to be added - Example in env.local

AZURE_AD_CLIENT_ID=<copy Application (client) ID here>
AZURE_AD_CLIENT_SECRET=<copy generated client secret value here>
AZURE_AD_TENANT_ID=<copy the tenant id here>

In transparenz-cockpit\frontend\pages\api\auth\[...nextauth].js the following entries have to be added:

import AzureADProvider from "next-auth/providers/azure-ad";

...
providers: [
  AzureADProvider({
    clientId: process.env.AZURE_AD_CLIENT_ID,
    clientSecret: process.env.AZURE_AD_CLIENT_SECRET,
    tenantId: process.env.AZURE_AD_TENANT_ID,
  }),
]
...