Update Azure SSO tutorial #2208

Open: wants to merge 7 commits into base: dev

renetapopova
Collaborator

No description provided.

@neo-technology-commit-status-publisher
Collaborator

This PR includes documentation updates
View the updated docs at https://neo4j-docs-operations-2208.surge.sh

Updated pages:

@mnd999
Contributor

mnd999 commented Apr 2, 2025

@renetapopova Do you need me to test this, or just look over it?

@renetapopova
Collaborator Author

I haven't tested it, so if you have time to test it, that would be great. Otherwise, at least check if all the steps are correct and the neo4j configuration is right.

Contributor

@mnd999 mnd999 left a comment

As above, I think api:// is incorrect.


@renetapopova renetapopova requested a review from mnd999 April 29, 2025 13:45
@renetapopova
Collaborator Author

> As above, I think api:// is incorrect.

I am not sure to which line this applies.

@renetapopova
Collaborator Author

renetapopova commented Apr 29, 2025

Also, as per the Trello card, "The line
The audience parameter for access tokens is typically set with api:// at the front.
should be
The audience parameter for access tokens is api://<application (client) id>
if you omit api:// neo4j will give you an authentication error."

That's why I added the api://<application (client) id> to the mapping in the neo4j.conf file. But actually, I have no idea whether these settings are correct.

@mnd999
Contributor

mnd999 commented May 20, 2025

When I test with id_token, I get aud: 4155995a-f0c4-44f9-b33b-32291c9f3257, and when I test with access_token, I get aud: 00000003-0000-0000-c000-000000000000. No api:// anywhere. Perhaps I need to set up something different in Azure.

@mnd999
Contributor

mnd999 commented May 20, 2025

Okay, the Use GUID option here seems to determine whether it uses an api:// or not.
image
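
A diagnostic for the audience mismatch discussed in this thread, added here as an example (not code from the PR or from Neo4j): it decodes a token's `aud` claim without verifying the signature and reports whether it differs from the configured audience only by the `api://` prefix. The client ID and sample tokens are constructed, and `jwt_claims`, `audience_check` and `make_sample` are hypothetical helper names.

```python
import base64
import json


def jwt_claims(token: str) -> dict:
    """Decode the payload segment of a JWT WITHOUT verifying the signature.
    For inspecting claims while troubleshooting only, never for authentication."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected header.payload.signature")
    payload = parts[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audience_check(token: str, expected: str) -> str:
    """Compare the token's aud claim with the audience the server is configured for.
    Returns 'match', 'prefix-mismatch' (same id, differs only by api://) or 'mismatch'."""
    aud = jwt_claims(token).get("aud")
    # RFC 7519 allows aud to be a single string or a list of strings.
    audiences = [aud] if isinstance(aud, str) else list(aud or [])
    if expected in audiences:
        return "match"
    bare = expected.removeprefix("api://")
    if any(a.removeprefix("api://") == bare for a in audiences):
        return "prefix-mismatch"
    return "mismatch"


def make_sample(aud) -> str:
    """Build an unsigned, constructed token for this demo (not a real Entra ID token)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc({'aud': aud})}.sig"


CLIENT_ID = "11111111-2222-3333-4444-555555555555"  # constructed placeholder GUID

if __name__ == "__main__":
    configured = f"api://{CLIENT_ID}"  # assumed server-side audience setting
    # Third value is the access_token audience reported earlier in this thread.
    for aud in (CLIENT_ID, configured, "00000003-0000-0000-c000-000000000000"):
        print(f"aud={aud!r:50} -> {audience_check(make_sample(aud), configured)}")
```

A `prefix-mismatch` result means the token and the server agree on the application but not on the URI form, so either the Application ID URI in Azure or the configured audience needs to change to the other form.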


. Click *Save and continue* after setting the _Application ID URI_.
. Fill in all mandatory fields in the pane **Add a scope**.
.. Enter a new *Scope name*, *Admin consent display name*, and *Admin consent description*.
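Review bot: the `.. Enter a new *Scope name*, ...` sub-step gives no value to enter, so a reader can choose any name; if a later step or configuration example refers to the scope by name, state that name in this step. Separately, `**Add a scope**` uses double asterisks where the neighbouring lines use single ones (`*Save and continue*`, `*Scope name*`); suggest `*Add a scope*` for consistent bold markup.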
It seems quite important that the scope name here is access-token, at least because that is what is used in the example below.
