Skip to content

How to configure authentication

Jump to bottom
Konstantin Lepeshenkov edited this page Nov 29, 2021 · 10 revisions

DfMon (in Standalone and Injected mode) uses AAD to authenticate users and supports both server-directed and client-directed login flows.

Server-directed (cookie-based) flow is the easiest to configure, but relies on Easy Auth module and therefore only works in Azure. Client-directed (token-based) flow works everywhere, but is generally slower and more error-prone.

Configuring DfMon for server-directed login flow

  1. Go to Azure Portal->Azure Active Directory->App Registrations and press New registration:

  2. Give your app registration a name and put https://<my-dfm-function-app-name>.azurewebsites.net/.auth/login/aad/callback as the Redirect URI:

  3. Go to Authentication tab and make sure ID tokens are enabled:

  4. Deploy DfMon with

    Deploy to Azure

    button and set Aad App Client Id setting to this newly created app registration's Client Id.

  5. Restrict the list of allowed users by configuring either DFM_ALLOWED_USER_NAMES or DFM_ALLOWED_APP_ROLES config settings. See more details on these settings in Config Settings Reference.

Configuring DfMon for client-directed login flow

xxxxxxxxxxx

Clone this wiki locally