What are the challenges you face when working across database platforms? Take the survey
Options

Using SQL Monitor openid with Azure AD

The documentation for connecting SQL Monitor to and OpenID provider seems on the face of it quite good but I'm struggling with the specifics for when using Azure AD do any one happen to have an Azure AD specific user guide to setting this up 
Tagged:

Answers

  • Options

    Thanks for reaching out to us regarding this.

    Would you mind providing the link(s) to the documentation you have looked at so far? This will help me avoid duplicating what you have already seen.

    Kind regards

    Dan Jary | Redgate Software
    Have you visited our Help Center?
  • Options
    JonnyGJonnyG Posts: 8 New member
    Hi Dan,

    Straight out of the SQL Monitor documentation Authenticating with OpenID Connect - SQL Monitor 11 - Product Documentation (red-gate.com) It all makes sense as you read it but then as you go to implement it doesn't seem to provide enough depth. I suspect a couple of examples might really help users configure it for say Azure AD or maybe Okta

    Jon
  • Options
    Hi @JonnyG

    Thanks for coming back on this.

    I've had a really good look through our documentation but unfortunately there doesn't appear to be anything in addition to what you have already found.

    I did also put this to my colleagues should they be able to advise on this. Someone did mention that, while they are unsure exactly how the Azure Active Directory one is set up, they have experience of setting up OKTA and suggested that the settings used would likely be similar:

    https://help.okta.com/en/prod/Content/Topics/Apps/Apps_App_Integration_Wizard_OIDC.htm

    - For task 1.4 - it's a Web Application
    - For task 2.1 - Grant type (all selected)
    - For task 2.3 - Assignments - we have the "Everyone" group and there are also the individual people listed as well
    - For task 4 - we set Filter for claim type and for Groups claim filter it's groups​ matches regex

    Those settings should get it working. You may have had to set up an Authorization server in the Security > API section, we use the default one:

    Name= default
    Audience= api://default
    Issuer URI https://xxxx.okta.com/oath2/default 

    I hope this helps!

    Kind regards

    Dan Jary | Redgate Software
    Have you visited our Help Center?
Sign In or Register to comment.