# Azure AD via OIDC

## Prerequisites

1. You must have an Aerofiler subscription that supports Azure AD integration and Aerofiler Support must have enabled Azure AD integration for your Account

## **Setup Steps**

1. Go to “Azure Active Directory”
2. In the Overview section, copy the Tenant ID (used later).
3. Go to “App Registrations” (left menu)
4. Click “New registration” at the top
5. For “Name”, enter “Aerofiler”
6. In “Supported account types” select the most suitable for your organization which is most likely “Accounts in this organizational directory only” (“Single tenant”)
7. For “Redirect URI” enter the Redirect URL provided by Aerofiler. Typically this is in the form <https://acme.aerofiler.com/auth/msal/callback> or <https://acme.aerofiler.com.au/auth/msal/> callback, where `acme` is your Aerofiler sitename.
8. Click “Register” (bottom)
9. Copy the “Application (client) ID” value for later
10. Click “Add a certificate or secret”, near “Client credentials” (top right)
11. In the “Client secrets” area, click “New client secret”
12. Enter a relevant description and choose a suitable “Expires” value
13. Click “Add” (bottom)
14. Copy the value in the “Value” column. This is the Client Secret.
15. Send the following information to Aerofiler in a text file via the secure link provided by Aerofiler:
    1. Tenant ID: \[from step 2]
    2. Client (Application) ID: \[from step 9]
    3. Client Secret: \[from step 14]

Once the above is completed, Aerofiler may need to send you a link that needs to be clicked on to authorise the application within Azure AD.

{% hint style="info" %}
Depending on chosen expiry period, a new Client Secret for this connection will need to be generated and given to Aerofiler before the current one expires, otherwise login through SSO will stop working.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://adminguidesgitbook.aerofiler.com.au/single-sign-on/azure-ad-via-oidc.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.