Microsoft OAuth Provider


You will need to have the following info handy before configuring OAuth using Microsoft Provider.

  • Tenant ID: ID of the Azure Directory you wish to authenticate against. Also known as the Directory ID.
  • Application ID: Public identifier of the OAuth application.
  • Application key: The secret of this Application.

You can obtain these details by following the steps below:

  1. Login to your Azure Portal as an Admin AzurePortal

  2. Retrieve your Tenant ID / Directory ID; Click on “Azure Active Directory”, and then Click on “Properties”, and then note your Directory ID for later use. AzurePortal

  3. Define your Portainer Instance Still in Azure Active Directory, Click on App Registrations Click on “+ New Application Registration” AzurePortal Enter in a friendly name for the Portainer Instance Keep the app type as Web App / API In the “Sign-on URL” field, enter the FQDN or IP address that your Portainer instance listens on. AzurePortal

  4. Retrieve the Application ID After creating the app, the screen below is displayed; record the Application ID for later use AzurePortal

  5. Create The Application login key Click on “Settings”, then “Keys” AzurePortal Under the “Passwords” section, create a new key called “login”, set the Duration to “never expires”, and then click Save. The Key will then be generated for you. Note this Application Key Value for later use. AzurePortal


To start to configure Microsoft OAuth Provider, once you logged into Portainer, click Settings and then authentication. After that, select OAuth option and then, select Microsoft.


Here, you only need to define the following information:

  • Tenant ID
  • Application ID
  • Application key

Click Save Settings and you're done.


Manage access to OAuth Team and Users

To understand how to enable access to OAuth Teams and Users, please, refer to this article.


Contribute to these docs