Enable SSO on a VCD

OpenID Connect (OIDC)

Redirect URI: https://mycloud.xxx.zettagrid.com/login/oauth?service=tenant:<org_cloudXX>

org_cloudXXX (the organisation name in the redirect URI) must be in lowercase.

In Azure AD, create a new App Registration and enter a name.

Click on ‘Add a redirect URI’ and enter https://mycloud.xxx.zettagrid.com/login/oauth?service=tenant:<org_cloudXX>

Create a client secret under ‘Certificates and secrets’ and copy its value; it is entered into the vCloud OpenID settings below.

Under ‘Token configuration’ click ‘Add groups claim’ and add a groups claim.

Under ‘API Permissions’ click ‘Add a permission’ then click on ‘Microsoft Graph’, then ‘Delegated Permissions’ and select ‘email’, ‘profile’, and ‘openid’

vCloud:

Log in to vCloud Director and navigate to ‘Administration’ from the top menu.

Enter the client ID and secret into the OpenID settings. The IDP Well-known Configuration Endpoint will be:

  • https://login.microsoftonline.com/<TENANTID>/v2.0

Click Next; it should autofill the information.

Ensure claims maps are as follows:

You may need to re-edit the config later to get all the claims mapped; sometimes it doesn't let you free-text edit the claim name.

Turn on automatic key refresh, with the defaults.
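Added example (not part of the original page or of any Zettagrid or VMware tooling): a Python preflight check for the OIDC steps above. It checks the redirect URI shape, including the lowercase org rule, and inspects a decoded ID token for the issuer, audience, groups and email claims. The function names, host, tenant ID and client ID are constructed; treating the /v2.0 URL as the token issuer and expecting an email claim are assumptions.

```python
import base64, json
from urllib.parse import urlsplit, parse_qs

def decode_claims(id_token):
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    payload = id_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)          # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def check_redirect_uri(uri):
    """Check the redirect URI shape from the page, including the lowercase org rule."""
    parts = urlsplit(uri)
    service = parse_qs(parts.query).get("service", [""])[0]
    problems = []
    if parts.scheme != "https":
        problems.append("redirect URI must use https")
    if parts.path != "/login/oauth" or not service.startswith("tenant:"):
        problems.append("expected /login/oauth?service=tenant:<org>")
    elif service != service.lower():
        problems.append("org name after 'tenant:' must be lowercase")
    return problems

def check_claims(claims, tenant_id, client_id):
    """Compare decoded ID token claims with what the steps above configure."""
    problems = []
    if claims.get("iss") != f"https://login.microsoftonline.com/{tenant_id}/v2.0":
        problems.append("iss does not match the configured tenant endpoint")
    if claims.get("aud") != client_id:
        problems.append("aud is not this app registration's client ID")
    if "groups" not in claims:
        # When a user is in too many groups the token carries a pointer in
        # _claim_names instead of the group list itself (groups overage).
        if "groups" in claims.get("_claim_names", {}):
            problems.append("groups overage: token has a pointer, not a group list")
        else:
            problems.append("no groups claim: add one under 'Token configuration'")
    if "email" not in claims:
        problems.append("no email claim")
    return problems

def sample_token(claims):
    """Build an unsigned token from constructed claims, for offline testing only."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}."

# Constructed sample values, not taken from any real tenant.
TENANT, CLIENT = "00000000-0000-0000-0000-000000000000", "11111111-1111-1111-1111-111111111111"
SAMPLE = {"iss": f"https://login.microsoftonline.com/{TENANT}/v2.0", "aud": CLIENT,
          "email": "user@example.invalid", "_claim_names": {"groups": "src1"}}
```

An empty list from either check means no problem was found; decode_claims is for troubleshooting a captured token and does not replace the signature validation vCloud Director performs.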

SAML

https://mycloud.per.zettagrid.com/login/org/org_cloudXXXXXXX/saml/SSO/alias/vcd

In Azure AD:

Enterprise Applications → New Application → Create your own application

In the app select ‘Single Sign on’ from the left, select SAML

Edit Basic SAML Configuration: