Microsoft

Sample Configuration


Values You Would Require at SSO Provider

Devtron provides a sample configuration out of the box. There are some values that you need to either get from your SSO provider or give to your SSO provider.

Values to Fetch

  • clientID

  • tenantID (required only if you want to use Azure AD for auto-assigning permissions)

  • clientSecret

Values to Provide

  • redirectURI (provided in SSO Login Services by Devtron)


Reference


Auto-assign Permissions

Make sure to add tenantID in the SSO configuration field without fail.

Since Microsoft supports Active Directory (AD) , this feature further simplifies the onboarding process of organizations having a large headcount of users. It also eliminates repetitive permission assignment by automatically mapping your Azure AD groups to Devtron's Permission Groups during single sign-on (SSO) login.

If you've defined groups in your Active Directory, you can create corresponding permission groups in Devtron with the same names. When members of those Active Directory groups first log in to Devtron, they'll automatically inherit the permissions from their Devtron permission group. This means you can't manually adjust or add individual permissions for users mapped to a permission group.

SSO login requires exact matching between Devtron permission group names and AD groups. Any discrepancies or missing groups will prevent successful login.

Once you save the configuration with this feature enabled, existing user permissions will be cleared and the future permissions will be managed through permission groups linked to Azure Active Directory (Microsoft Entra ID) groups.

If your AD permissions aren't reflecting in Devtron, a quick sign-out and sign-in can resolve the issue.

Last updated