-
Feature Request
-
Resolution: Won't Do
-
Normal
-
None
-
2.4, 2.5
-
False
-
-
False
The AAP 2.5 documentation explains how to configure Entra ID auth, and then goes on to explain how to use mapping. This is fine, because you can still map by user attributes, but Entra ID does not allow for mapping based on a Group.
Changes to the documentation:
To set up enterprise authentication for Microsoft Entra ID, formerly known as Microsoft Azure Active Directory (AD), you need to obtain an OAuth2 key and secret by registering your organization-owned application from Azure using the Quickstart: Register an application with the Microsoft identity platform. NOTE: Entra Id does not allow for Group mapping. If you wish to use Group mapping, select [SAML authentication](https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/access_management_and_authentication/gw-configure-authentication#controller-set-up-SAML)
NEXT STEPS To control which users are allowed into the Ansible Automation Platform server, and placed into Ansible Automation Platform organizations or teams based on their attributes (like username and email address) or to what groups they belong, continue to Mapping. NOTE: Entra Id does not allow for Group mapping. If you wish to use Group mapping, select [SAML authentication](https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/access_management_and_authentication/gw-configure-authentication#controller-set-up-SAML)