> For the complete documentation index, see [llms.txt](https://docs-v3.activeloop.ai/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs-v3.activeloop.ai/setup/storage-and-creds/managed-credentials/microsoft-azure/configure-azure-sso-on-activeloop.md).

# Configure Azure SSO on Activeloop

### Configure Azure SSO on Activeloop

### 1. Creating Application

* **Go to App registration page in** [**🌐Azure portal**](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade)
* **Click on add New Registration**

<figure><img src="/files/jHFLmjILO8B9yrcT57f8" alt=""><figcaption></figcaption></figure>

1. Put name for the application
2. For application type, select `Default Directory only - Single tenant`
3. For Redirect URI select the type `Web`
4. For Callback URL put `https://auth.activeloop.ai/login/callback`
5. Click on `Register`

<figure><img src="/files/BpxISBIAu5yFAohVM6qI" alt=""><figcaption></figcaption></figure>

#### Once it is created go to `Overview` page, copy and send us the `Application (client) ID` and the `Directory (tenant) ID`

<figure><img src="/files/ZLKlYJ1oD8ZYPNjxcxJA" alt=""><figcaption></figcaption></figure>

#### Client secret creation

Go to `Certificates & Secrets` → `Client secrets` →`New client secret`

Name the secret, select preferred expiration and click `Add`

`NOTE: The secret need to be updated before it get expired`

<figure><img src="/files/8bLy1cGLqEyXcgzgFfKm" alt=""><figcaption></figcaption></figure>

#### Send us the secret value

<figure><img src="/files/Mo1lOJHTHWHaTXES2rOH" alt=""><figcaption></figcaption></figure>

### 2. Granting Permissions

1. **Go to `API permissions` → `Microsoft Graph` → `Delegated Permissions` and select following permissions:**
   1. `email`
   2. `openid`
   3. `profile`

<figure><img src="/files/93nnjKwd6w6XBCCtSigq" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/EgSAbjmpcGcwwbCXCLCx" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/5adDHc83rApJhv77U4BJ" alt=""><figcaption></figcaption></figure>

2. **In the search bar search `Directory.Read.All` and select the permission as well**

<figure><img src="/files/TuRp0MkMSA9f77WRSQnx" alt=""><figcaption></figcaption></figure>

#### Click on `Add permissions`

<figure><img src="/files/w8di9QVRaacuTyffJRtK" alt=""><figcaption></figcaption></figure>

### 3. Domain Name Validation in our side

We also will be needing domain of the azure tenant to authorize the SSO clients

1. Go to [🌐Domain Names](https://portal.azure.com/#view/Microsoft_AAD_IAM/DomainsList.ReactView) in Azure portal
2. Copy the domain name that will be used for SSO and send us

<figure><img src="/files/BsKUJTw4SR7sT2bBNDDR" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs-v3.activeloop.ai/setup/storage-and-creds/managed-credentials/microsoft-azure/configure-azure-sso-on-activeloop.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.