Enable Azure AD Login

This guide walks you through the process of configuring Microsoft Azure Active Directory (Azure AD) as an identity provider for Kubiya, enabling your users to authenticate using their Microsoft credentials.

Step 1: Register an Application in Azure AD

1. Log in to the entraID admin page
2. Navigate to Applications > Enterprise applications > New application
3. Click Create your own application > Create
4. Naviage to Applications > Enterprise applications and click on the app that was created in the previous step.
5. Visit “Overview” and copy the following details:
   • Application ID
6. Navigate to User and groups on the side menu and click on Add user/group .
7. Chose the group of users that you would like to sync into the Kubiya Platform (if you don’t have one yet, you can create a new security group and add members).
8. Visit Applications > App registrations and select the app that was just created.

Step 2: Configure Permissions

1. In your newly registered application, navigate to API permissions
2. Click Add permission .
3. In the popped window choose Microsoft Graph.
4. Chose Delegated permissions.
5. Search for User.Read, select it, then click on Add permissions.
6. Repeat the steps and this time under Application permissions search for Directory.Read.All. Select it and Add.
7. Click on Grant admin consent for ... ” and accept.