Configuring SSO with AzureAD

Modified on Mon, 09 Aug 2021 at 04:56 PM

Step 1 – Set up AzureAD

Launch the AzureAD Admin Portal and select the Azure Active Directory menu option


From the sub menu select App registrations


Then select New registration from the toolbar


Give your application a name (my2cloud)

Set the Supported account types to Accounts in this organizational directory only (AssureStor Limited only - Single tenant)

Set the Redirect URI to
Note. Replace tenant with your portal's prefix.

Click Register to create your application

Copy and save the Application (client) ID

Select Endpoints from the toolbar

Copy and save the

  • OAuth 2.0 authorization endpoint (v2)
  • OpenID Connect metadata document
    Note. Remove /.well-known/openid-configuration

You will also need to ensure the App registration is configured to use ID tokens.

Select Authentication from the side menu and scroll down to the Implicit grant and hybrid flows section

Ensure ID tokens (used for implicit and hybrid flows) is checked

Save any changes.

Step 2 – Enable OpenID Connect in my2cloud


Launch your my2cloud portal and log in with full administrative rights. Once logged in, select Settings from the Administration sub menu.

From the available tabs, select External Login Settings

Complete the OpenID Connect fields using the information you saved from step 1

  • Client Id = Application (client) ID
  • Authority = OpenID Connect metadata document
  • Login URL = OAuth 2.0 authorization endpoint (v2)
  • Validate Issuer = checked


Click the Save All button
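
The values entered above can be checked for consistency offline. This is an added example, not my2cloud or Microsoft code: it derives the Authority from the metadata document URL and confirms that the issuer and authorization endpoint in that document match what was entered. The function names are hypothetical, the tenant and client GUIDs and the trimmed metadata document are constructed placeholders, and the URL shapes assume the AzureAD v2.0 endpoints.

```python
import re
from urllib.parse import urlparse

WELL_KNOWN = "/.well-known/openid-configuration"
GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
MULTI_TENANT = {"common", "organizations", "consumers"}

def authority_from_metadata_url(metadata_url):
    """Strip the discovery suffix, as the note in Step 1 instructs."""
    url = metadata_url.strip().rstrip("/")
    if url.endswith(WELL_KNOWN):
        url = url[: -len(WELL_KNOWN)]
    return url

def check_oidc_settings(client_id, authority, login_url, discovery):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    if not GUID.match(client_id):
        problems.append("Client Id is not a GUID")
    if authority.rstrip("/").endswith(WELL_KNOWN):
        problems.append("Authority still contains " + WELL_KNOWN)
    parsed = urlparse(authority)
    if parsed.scheme != "https":
        problems.append("Authority is not an https URL")
    tenant = parsed.path.strip("/").split("/")[0]
    if tenant.lower() in MULTI_TENANT:
        problems.append("Authority uses a multi-tenant alias but the app is single tenant")
    # OpenID Connect Discovery: the issuer equals the URL the metadata is served under.
    if discovery.get("issuer", "").rstrip("/") != authority.rstrip("/"):
        problems.append("Discovery issuer does not match Authority")
    if discovery.get("authorization_endpoint") != login_url:
        problems.append("Login URL does not match authorization_endpoint")
    return problems

# Constructed sample values (placeholder tenant and client GUIDs, not real ones).
TENANT = "11111111-2222-3333-4444-555555555555"
CLIENT_ID = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
BASE = "https://login.microsoftonline.com/" + TENANT
METADATA_URL = BASE + "/v2.0" + WELL_KNOWN
SAMPLE_DISCOVERY = {  # trimmed, constructed copy of the metadata document
    "issuer": BASE + "/v2.0",
    "authorization_endpoint": BASE + "/oauth2/v2.0/authorize",
}

if __name__ == "__main__":
    authority = authority_from_metadata_url(METADATA_URL)
    login_url = SAMPLE_DISCOVERY["authorization_endpoint"]
    print(check_oidc_settings(CLIENT_ID, authority, login_url, SAMPLE_DISCOVERY) or "OK")
```

To check a real tenant, replace the sample values with the ones saved in Step 1 and load the JSON from the OpenID Connect metadata document URL into the discovery argument.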

Step 3 – Verify OpenID Connect authentication

For OpenID verification to operate correctly you will need to check the following.

Ensure the default role is set up correctly and does not provide access to any sensitive areas such as administration, billing, etc.


When a new AzureAD user signs in for the first time they will automatically be set to use the default role.


Select Settings from the Administration sub menu.


Select the User Management tab


Ensure that the following are checked

  • Allow users to register to the system.
  • New registered users only via External Login.
  • New registered users are active by default.


You are now set up for SSO using AzureAD.

When a user now authenticates using the OpenID Connect button on the login page, they will be directed to your AzureAD login screen to authenticate (including enforcement of any MFA policies) and returned to the my2cloud portal.


To successfully self-register using OpenID Connect, the user MUST NOT already exist in the portal. If the user has already been created using the standard user creation workflow, please delete the user account first before attempting to register with OpenID Connect.

