# Setup Azure Active Directory In this article you'll read how to setup user authentication via Azure Active Directory. Configuring this correctly consists of the following steps: * [Registering an application within the Azure Portal.](#registering-an-application-within-the-azure-portal) * [Obtaining the Client ID and Tenant ID.](#obtaining-the-client-id-and-tenant-id) * [Creating a Client Secret within the Azure app.](#creating-a-client-secret-within-the-azure-app) * [Enabling Azure Active Directory authentication in AppMachine.](#enabling-azure-active-directory-authentication-in-appmachine) ### Registering an application within the Azure Portal 1. **Navigate** to the [registered apps page of the Azure Portal](https://portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/RegisteredApps) and login. 2. **Click +New registration** to create a new app.

Azure Portal - App registrations

3. **Enter the name** of your app. 4. **Select** the **Single tenant** option as the supported account type. 5. **Set the Redirect URI** to type **Web** and enter the following **value**: \ `https://app-services.cmsappbuilder.com/api/application-users/v1/social/callback/microsoft` 6. **Click Register** to create the Azure application.

Azure Portal - Register application

### Obtaining the Client ID and Tenant ID 7. **Open** the **Overview page** of your Azure application. 8. **Copy** the **Application (client) ID** and the **Directory (tenant) ID**. These values will be required during the setup in AppMachine.\

Azure Portal - App overview

### Creating a Client Secret within the Azure app 9. **Open** the **Certificates & secrets** page. 10. **Click +New client secret**.

Azure Portal - Certificates & secrets

11. **Enter** a **description** and **set** the client secret's **expiration** time.\ \ \&#xNAN;***Note:** AppMachine is not able to track the client secret expiration date. When the client secret expires users will no longer be able to login to the app. To prevent this from happening, the client secret will have to be renewed and updated in AppMachine before the secret expires.*

Azure Portal - Add a client secret

12. **Click** the **Add** button to create the client secret. 13. **Copy** the **value** of the client secret displayed on the screen. This value will be required during the setup in AppMachine.\ \ \&#xNAN;***Note:** The Client Secret value can only be viewed once, directly after creating it.* ### Enabling Azure Active Directory authentication in AppMachine 14. **Open** the [**Login Settings**](https://app-home.appmachine.com/user-access/authentication) page of your AppMachine app and **enable User login**. 15. **Enable** the options **Azure Active Directory** and **Users can register a new account for this app**.

AppMachine - Login Settings

16. **Click Configure** and **enter the Client ID, Tenant ID, and Client Secret** obtained via the steps above, and click Save to complete the setup.

AppMachine - Configure Azure Active Directory

17. Finally, **Save your changes on the Login Settings page** to complete the setup.