Single Sign On - global-121/121-platform GitHub Wiki
This page contains information about letting user log in via Single Sign-On (SSO).
At the moment SSO has been implemented for use with Single Tenant Microsoft Entra ID.
To use SSO you need to have a Tenant-ID and Client-ID from the Microsoft Entra ID App-Registration that was created for a 121 Platform instance.
SSO is configured per instance using the ENV-variables of both the 121 Portal and the 121 Service:
USE_SSO_AZURE_ENTRA:TRUEAZURE_ENTRA_CLIENT_ID:<the specific Client-ID>AZURE_ENTRA_TENANT_ID:<the specific Tenant-ID>
For the Portal, some additional configuration is necessary to set the correct `Content-Security-Policy' values, see: interfaces/READMEmd#content-security-policy-csp
For more information of the software architecture, see: