Pritunl supports single sign-on with Azure Active Directory. Azure Active Directory Security and Office 365 groups will be matched to existing organizations.
Open the Azure dashboard and go to the App registrations section of the Azure Active Driectory.
Click New registration and set the Name to
Pritunl and Redirect URI to Web. Then set the URL to
https://auth.pritunl.com/callback/azure. Once done click Register.
Open Branding and upload the Pritunl Logo. Set the Home page URL to the URL of your Pritunl server. Then click Save.
Open the Authentication tab and enable Access tokens under Implicit grant. Then click Save.
Open API permissions and click Add a permission. Then click Microsoft Graph and select Delegated permissions.
In the Directory section enable Directory.Read.All.
In the Group section enable Group.Read.All, once done click Add permissions.
In the User section enable User.Read and click Add permissions.
Open API permissions again and select Microsoft Graph then select Application permissions
In the Directory section enable Directoy.Read.All, once done click Add permissions.
After the permissions have been saved click Grant admin consent for Pritunl on the API permissions tab.
Open Certificates & secrets and click New client secret. Then set the Description to
Pritunl and set Expires to Never. Once done click Add and copy the Value from the list of secrets. The Secret ID is not relevant and should not be copied. Save this value for the steps below.
Open the Overview of the Pritunl app in App registrations. Copy the Directory (tenant) ID, and Application (client) ID for the configuration below.
Open the Settings in the Pritunl web console and set Single Sign-On to Azure. Copy the Directory ID and Application ID from the steps above. Then copy the Azure key value from the earlier steps into Application Secret. The Default Single Sign-On Organization will be used if none of the Azure groups match an existing Pritunl organization.
Updated about 1 month ago