Configure Microsoft Azure AD as an IDP in N-central

Using Microsoft Azure AD as your identity provider (IDP) in N-central lets you automatically sign users in when they are on your corporate devices connected to your corporate network. When enabled, users don't need to type in their passwords to sign in to Microsoft Azure AD, and usually, even type in their usernames. This feature provides your users easy access to your cloud-based applications without the need for any additional on-premises components.

You must have created a Microsoft Azure AD tenant (organization) before you can configure Microsoft Azure for SSO in N-central. See Configure-Azure AD-for-use-in-N-central.html for instructions. You will need the IDs to complete the setup.

After you create a Microsoft Azure AD tenant and register N-central as an application in the Microsoft Azure AD portal, you must add Microsoft Azure as an SSO in N-central.

If your select you Identity Provider's Multi-factor Authentication (MFA), it will apply to all users you import. Disable the N-central built-in MFA if you choose to use your Identity Provider's MFA.

To configure Microsoft Azure AD as an IDP in N-central:

  1. Go to Administration > User Management > SSO Providers.
  2. Click Add and select Microsoft Azure AD.
  3. In the REGISTERING N-CENTRAL AS AN APPLICATION IN AZURE AD area, register N-central as an application in Microsoft Azure AD:
    1. In the Name: box, enter a name for the Microsoft Azure AD server.
    2. In the Domain: box, enter https://login.microsoft.com.
    3. In the Directory (tenant) ID: box, enter the ID of the tenant that you created in Microsoft Azure AD.
    4. In the Application (client) ID: box, enter the ID of the application you registered in Azure.

  4. In the CLIENT CREDENTIALS area, select the type of secrets to use for authentication:

    • If you selected Certificate in Azure Key Vault (recommended), do the following:

      1. In the Key Vault URI or name: box, enter the Azure key vault URI or name you entered in Microsoft Azure AD.
      2. In the Key Vault certificate name box, enter the Key Vault certificate name you entered in Microsoft Azure AD .
      3. In the Secret value box, enter the secret key value that you noted in Microsoft Azure AD.

    • If you selected, Client Secret, do the following:

      • In the Client Secret: box, enter the client secret.
  5. Click TEST CONNECTION to confirm that N-able N-central can successfully communicate with the Active Directory server.
  6. If you want to use the N-central MFA, select MFA in your N-central import settings.
  7. Click Save.
  8. Go to Link users to Microsoft Azure AD to apply SSO in N-central. You must have created your users locally before you can link them.