automation-suite
2023.4
false
UiPath logo, featuring letters U and I in white
Automation Suite Admin Guide
Last updated Aug 14, 2024

Configuring SSO: Azure AD

You can use Azure Active Directory (Azure AD) as your identity provider.
  1. Create an Azure AD App Registration:
    Note: The below steps are a broad description of a sample configuration. For more detailed instructions, see the Microsoft documentation for configuring AAD as an authentication provider.
    1. Log in to the Azure portal as an administrator, go to App Registrations , and click New Registration.
    2. In the Register an application page, fill in the Name field with a name for your Automation Suite instance.
    3. In the Supported account types section, select Accounts in this organizational directory only.
    4. Set the Redirect URI by selecting Web from the drop-down list and filling in the URL of your Automation Suite instance, plus the suffix /identity_/azure-signin-oidc. For example, https://baseURL/identity_/azure-signin-oidc.
    5. At the bottom, select the ID tokens checkbox.
    6. Click Register to register your Automation Suite instance.
    7. Save the Application (Client) ID for later.
  2. Configure Azure AD SSO:
    1. Log in to the Automation Suite host portal as a system administrator.
    2. Make sure that Host is selected at the top of the left pane and then click Security.
    3. Under Azure AD SSO, click Configure.
      • Select the Force automatic login using this provider checkbox if you want to only allow login with Azure Active Directory accounts.
      • In the Display Name field, type the text you want to show under this login option on the Login page.
      • In the Client ID field, paste the value of the Application (Client) ID obtained from the Azure portal.
      • (Optional) In the Client Secret field, paste the value obtained from the Azure portal.
      • Set the Authority parameter to one of the following values:

        • https://login.microsoftonline.com/<tenant>, where <tenant> is the tenant ID of the Azure AD tenant or a domain associated with this Azure AD tenant. Used only to sign in users of a specific organization.
        • https://login.microsoftonline.com/common. Used to sign in users with work and school accounts or personal Microsoft accounts.
      • (Optional) In the Logout URL, paste the value obtained from the Azure portal.
    4. Click Save to save the configuration and return to the previous page.
    5. Click the toggle to the left of Azure AD SSO to enable the integration.
    6. Restart the identity-service-api-* pod. This is required after making any changes to External Providers.
      1. Connect to your Automation Suite cluster.

      2. Run the following command: kubectl -n uipath rollout restart deployment identity-service-api
  3. Allow Azure AD SSO for the organization:

    Now that Automation Suite is integrated with Azure AD Sign-In, user accounts that have a valid Azure AD email address can use the Azure AD SSO option on the Login page to sign in to Automation Suite.

    Each organization administrator must do this for their organization if they want to allow login with Azure AD SSO.



    1. Log in to Automation Suite as an organization administrator.
    2. Add user accounts, each with a valid Azure AD email address.

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.