If this document does not correspond to your current software version, you can go to Download Center to find other available document versions.


QTS 5.0.x

Download (PDF)

Enabling Azure AD Single-Sign-On

Before starting this task, ensure that you create an application registration. For details, see https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal. The user interface on Microsoft Azure is subject to change without notice.


You must first complete the following steps before enabling SSO.


If you want to enable SSO on more than one NAS, you must repeat all of these steps on each NAS.

  1. Go to Control Panel > Privilege > Domain Security > SSO.
  2. Select Enable Azure SSO Service.
  3. Specify Client ID.

    For details, visit https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal.


    The Client ID is also known as an Application ID.

  4. Specify Tenant ID.
  5. Specify Reply URLs.
    1. Sign in as an administrator at https://portal.azure.com/#home.

    2. Click Azure Active Directory, and then click App registrations > Your app > All settings > Reply URLS.

    3. Add :8080/cgi-bin to the end of the IP address.

    4. Copy and paste the URL into the Reply URLs field label on the NAS.

  6. Specify the Public key.
    • The public key must be a PEM file.

    • You can convert a CA certificate to a public key using a Linux environment or an OpenSSL.

  7. Click Apply.

    Your NAS login screen changes to include an Azure SSO login option.