Basic Azure AD Config

Basic step-by-step tutorial for OAuth2 config with Azure AD


  • Simplicité instance with designer access
  • A test account in your Azure organization to test the login

1) New app registration

2) Register

3) Locate some of the endpoint data

NB: depending on the “supported account types” selected in step 2, your authorization and token URLs may or may not contain the tenant ID.

4) Generate and save secret

Warning: The secret value is only shown once, so make sure to copy it.

5) Authorize user on your app (add claims)

6) Add Azure as an Authentication Provider through the AUTH_PROVIDERS System Parameter

Customize with the values from the previous steps (blue question marks)

    [
        { "name": "simplicite", "type": "internal", "visible": true },
        {
            "name": "azuread",
            "type": "oauth2",
            "label": "Sign in with AzureAD (OAuth2)",
            "client_id": "<REPLACE_CLIENT_ID>",
            "client_secret": "<REPLACE_CLIENT_SECRET>",
            "authorize_url": "<REPLACE_AUTHORIZE_URL>",
            "token_url": "<REPLACE_TOKEN_URL>",
            "logout_url": "",
            "userinfo_url": "",
            "userinfo_mappings": {
                "login": "email"
            },
            "sync": true,
            "visible": true
        }
    ]
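
A pre-flight check for the step 6 value, as an added example that is not part of the original tutorial or of Simplicité: it lints an AUTH_PROVIDERS JSON string for leftover placeholders, a token URL pasted from the authorize endpoint, and mismatched tenants between the two URLs. It assumes the global Azure cloud host `login.microsoftonline.com`; the function names and sample values are constructed.

```python
import json
import re
from urllib.parse import urlparse

# Azure AD endpoint paths: /<tenant>/oauth2/[v2.0/]authorize and .../token.
# <tenant> is a tenant ID or an alias such as "common" or "organizations".
ENDPOINT = re.compile(r"^/([^/]+)/oauth2/(v2\.0/)?(authorize|token)$")

def check_endpoint(url, expected):
    """Return (tenant, problems) for one endpoint URL."""
    u = urlparse(url)
    m = ENDPOINT.match(u.path)
    # Assumption: global Azure cloud; national clouds use other hosts.
    if u.scheme != "https" or u.hostname != "login.microsoftonline.com" or not m:
        return None, [f"{expected}_url is not an https Azure AD {expected} endpoint"]
    if m.group(3) != expected:
        return m.group(1), [f"{expected}_url points at the {m.group(3)} endpoint"]
    return m.group(1), []

def lint_auth_providers(raw):
    """Return a list of problems found in the oauth2 entries of AUTH_PROVIDERS."""
    problems = []
    for p in json.loads(raw):
        if p.get("type") != "oauth2":
            continue  # the internal provider has no OAuth2 endpoints
        found = []
        for key in ("client_id", "client_secret", "authorize_url", "token_url"):
            value = p.get(key, "")
            if not value or "<REPLACE_" in value:
                found.append(f"{key} is empty or still a placeholder")
        if not found:
            t_auth, e1 = check_endpoint(p["authorize_url"], "authorize")
            t_tok, e2 = check_endpoint(p["token_url"], "token")
            found += e1 + e2
            if t_auth and t_tok and t_auth != t_tok:
                found.append("authorize_url and token_url use different tenants")
        problems += [f"{p.get('name', '?')}: {msg}" for msg in found]
    return problems

# Constructed sample: token_url was pasted from the authorize endpoint.
SAMPLE = json.dumps([
    {"name": "simplicite", "type": "internal", "visible": True},
    {"name": "azuread", "type": "oauth2",
     "client_id": "11111111-1111-1111-1111-111111111111", "client_secret": "constructed",
     "authorize_url": "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
     "token_url": "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"},
])

if __name__ == "__main__":
    print("\n".join(lint_auth_providers(SAMPLE)))
```

An empty result means the entry passed these checks; it does not confirm that the client ID and secret are accepted by Azure.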

7) Implement some group attribution

PS: This step needs customization to fit your own scenario

    package com.simplicite.commons.Application;

    import java.util.*;
    import com.simplicite.util.*;

    /**
     * Platform Hooks
     */
    public class PlatformHooks extends com.simplicite.util.engine.PlatformHooksInterface {
        @Override
        public void preLoadGrant(Grant g) {
            // Restrict this block to logins authenticated through the "azuread" provider
            // (the guard condition is part of the customization for your scenario)
            String userId = Grant.getUserId(g.getLogin());
            Grant.addResponsibility(userId, "DEMO_ADMIN");
            AppLog.info("Detected AzureAD login : " + g.getLogin() + " (" + userId + "). Forcing responsabilities.", null);
        }
    }