fix: Added sample configuration for Microsoft Entra ID #65

Open: wants to merge 1 commit into base: main
16 changes: 16 additions & 0 deletions content/3.features/oidc.md
Expand Up @@ -86,3 +86,19 @@ oidc:
secret: # your client secret from Google
scopes: [openid, email]
```

## Using Microsoft Entra ID as an identity provider

Setting up Postal to authenticate with Entra ID (former Azure AD) is fairly straight forward. You'll need to use the Entra ID admin center for creating an app registration, which will get you an client ID and client secret ([see docs](https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app)). When prompted for a redirect URI, you should be `https://postal.yourdomain.com/auth/oidc/callback`. The following configuration can be used to enable this:
Comment on lines +90 to +92
Contributor

Suggested change
## Using Microsoft Entra ID as an identity provider
Setting up Postal to authenticate with Entra ID (former Azure AD) is fairly straight forward. You'll need to use the Entra ID admin center for creating an app registration, which will get you an client ID and client secret ([see docs](https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app)). When prompted for a redirect URI, you should be `https://postal.yourdomain.com/auth/oidc/callback`. The following configuration can be used to enable this:
## Using Microsoft Entra ID (formerly Azure AD) as an identity provider
You'll need to use the Entra ID admin center for creating an app registration, which will get you a client ID and client secret ([see docs](https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app)). The redirect URI is `https://postal.yourdomain.com/auth/oidc/callback`. You can then complete the configuration in Postal as follows:


```yaml
oidc:
enabled: true
name: Microsoft Entra ID
issuer: https://login.microsoftonline.com/{ENTER_YOUR_TENANT_ID}/v2.0
identifier: # your client ID from Entra App Registration
secret: # your client secret from Entra App Registration
scopes:
- openid
- email
```
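
Review bot: the `issuer` line in the added YAML carries a `{ENTER_YOUR_TENANT_ID}` placeholder that the new paragraph never mentions, so the reader is not told where the value comes from or that the braces must be replaced along with it. Suggest adding a sentence saying the value is the Directory (tenant) ID shown on the app registration's overview page, and that the issuer has to match the tenant exactly because the client compares it as a string during OIDC validation. In the same paragraph, "you should be `https://postal.yourdomain.com/auth/oidc/callback`" is missing a verb ("you should use"). A smaller style point: `scopes` is written as a block list here while the Google example directly above uses `scopes: [openid, email]`; pick one form for the page.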