You can integrate your organization’s Azure Active Directory (AD) with
After you have configured Azure AD, your organization will receive a customized URL to log in to PubSub+ Cloud. If your users have already signed in to their Azure AD account, they will automatically be signed in to PubSub+ Cloud. Otherwise, they will be directed to your organization's AD sign-in page to enter their details. Your organization's AD settings determine whether multi-factor authentication (MFA) is used.
If a user belongs to multiple PubSub+ Cloud accounts that are associated with your organization's AD, they can switch between those accounts without logging in to the accounts separately.
To integrate with Azure AD with PubSub+ Cloud, perform the following steps:
- Request a Preferred Subdomain—PubSub+ Cloud team will create one for you
- Register PubSub+ Cloud as an Azure AD Application
- Configure, Test, and Enable SSO
When you set up an Application Registration for PubSub+ Cloud in your Azure AD account, Azure generates a Client ID and a Client Secret that you use to bind your PubSub+ Cloud account to your Azure AD account. This allows your organization's PubSub+ Cloud users to be authenticated by Azure AD.
To register PubSub+ Cloud as an application in Azure AD:
- In the Azure Portal, in the left-hand navigation pane, select Azure Active Directory.
The Azure Active Directory page opens.
- Select Application Registration from the left-hand menu, then click New Registration.
The Register an application page opens.
- In the Name field, enter
PubSub+ Cloud(or a user-facing name that adheres to what is shown to the user). Under Supported account types, select Accounts in this organizational directory only.In the Redirect URI (Optional) field, enter subdomain (
https://<subdomain>.solace.cloud/sso/login) provided by PubSub+ Cloud team (see, Request a Preferred Subdomain).
- Click Register at the bottom of the screen.
The application registration is created in your Azure AD and the Application Overview page is displayed, showing the Application (client) ID and the Directory (tenant) ID values. Make a note of these values because the Solace Production Engineering team will need them to complete the configuration.
- In the left-hand menu, click Certificates & secrets.
- Create a Client Secret by clicking New client secret. The Add a client secret dialog is displayed.
- In the Add a client secret dialog, enter a description for the PubSub+ Cloud secret, then select an expiry period. Note that if you don't pick Never, you will need to update the secret key periodically.
- Click Add.
Make a note of the following information, which you will need when configuring your SSO in PubSub+ Cloud:
- Client ID
- Client Secret
- Discovery URL