Establishing Azure AD SSO Authentication in CData API Server
Single Sign-On (SSO) with Azure Active Directory (Azure AD) improves security, simplifies access management, and enhances the login experience for CData API Server users. By integrating Azure AD using the OpenID Connect (OIDC) standard, users can authenticate using corporate credentials while API Server securely validates identity tokens issued by Azure AD. Overview CData API Server supports Single Sign-On (SSO) via the OpenID Connect (OIDC) standard. Identity providers that implement OpenID, such as Azure Active Directory, can be configured as the SSO platform for API Server. Once SSO is configured: - Users are redirected to Azure AD for authentication - Azure AD issues a signed JWT token - API Server validates the token signature and issuer - Users are authenticated using a Federation ID mapping Note: Currently, API Server supports only individual users, not groups of users. If an SSO platform provides access for a group of users, each individual user within that group must be ad