How do I enable Azure AD 3rd party authentication?

Important note: We are currently in the process of migrating Azure authentication from Azure Active Directory Graph over to Microsoft Graph. The implementation will be ready in January of 2022. Existing customers with functional Azure SSO won't be affected by said migration. New customers will be unable to setup Azure SSO using this guide till early Jan 2022.



In order to enable Azure AD as a login option for the NordLayer application, you will need to do the following:

1. Log in to your Azure dashboard

2. Click App registrations in the left menu

3. Click New registration

4. In the Name field, enter NordLayer

5. Select your supported account types

6. In the platform configuration field, select Web API

7. Click API permissions in the right menu

8. Click Add permission and add the following permissions:

  • under Azure Active Directory Graph, select Delegated permissions;
  • under User, select User.Read;
  • under Microsoft Graph, select Delegated permissions. 

9. Save these permissions, then press Grant admin consent at the bottom of the page to grant admin consent for this directory on behalf of all of your users

10. Click Authentication in the right menu

11. Click Add platform

12. Select Web

13. Enter to Redirect URI field

14. At Implicit grant, select Access tokens and ID tokens

15. Click Overview in the right menu

16. Copy Application (client) ID and keep it safe

17. Copy Directory (Tenant) ID and keep it safe

18. Click Certificates & secrets in the right menu

19. Press New client secret

20. In the description field, enter NordLayer

21. In the expiry field, select 24 months.

22. Copy the generated values and keep them safe as it is visible only once.

Once you have all these three values: Application (client) ID, Directory (Tenant) ID and Generated Client Secret Value, you can head to the Control Panel on our website and navigate to Settings - Login options. By choosing Azure AD you will be prompted to enter those three collected values. Once you submit this information, your organization members will now have the ability to log into the NordLayer application using Azure AD.


Note: In case you have any questions or are experiencing any issues, please feel free to contact our 24/7 customer support team.

Return to top