Using Azure AD as Keycloak Identity Provider

PreviousSingle Sign-on (SSO)NextKeycloak User Federation Configuration (LDAP/AD)

Last updated 4 months ago

Was this helpful?

Using Azure AD as Keycloak Identity Provider

You need Azure Admin permission to complete this integration.

Azure app configuration

Create new Azure app

Create a new App registration from selecting support for Multiple organizations when asked.

Find App registration in search.

Click New registration.

Fill in details as shown below.

Give the application a name and write down Application (client) ID as it will be needed later.

Configure a new secret

Next, go to your App Registrations’ Certificates & secrets to create a New client secret. Copy the Value of the secret to somewhere at had as it is needed later in the configuration.

Adding Keycloak IdP

In Keycloak, create a new IdP by selecting Microsoft from the drop down

Populate Client ID (this is Application (client) ID in Azure) and Client Secret (this is Value from Azure) using values obtained in previous steps.

Finally copy Redirect URI from Keycloak and add Redirect ID UI link in Azure App.