Microsoft Azure cloud ActiveDirectory can be used to authenticate users for translate5.
If you wish, you can set up the same translate5 instance on different domains and configure for different clients different domains and different OpenID servers.
Follow all the below steps.
- Necessary MS Azure cloud configurations
- Assign the appropriate translate5 roles to your users in Azure
Necessary MS Azure cloud configurations
After logging into your MS Azure cloud, follow the following steps:
Register and configure an "app" for translate5 in Azure ActiveDirectory
...
| Code Block | ||
|---|---|---|
| ||
"appRoles": [
{
"allowedMemberTypes": [
"User"
],
"description": "TermSearch users can use TermSearch in translate5 TermPortal.",
"displayName": "TermSearch user in translate5 TermPortal",
"id": "d1c2ade8-98f8-45fd-aa4a-6d06b947c66f",
"isEnabled": true,
"lang": null,
"origin": "Application",
"value": "termCustomerSearch"
},
{
"allowedMemberTypes": [
"User"
],
"description": "InstantTranslate users can use InstantTranslate in translate5.",
"displayName": "InstantTranslate user in translate5",
"id": "d2c2ade8-98f8-45fd-aa4a-6d06b947c66f",
"isEnabled": true,
"lang": null,
"origin": "Application",
"value": "instantTranslate"
},
{
"allowedMemberTypes": [
"User"
],
"description": "PMs have project manager rights in translate5.",
"displayName": "translate5 PM",
"id": "d3c2ade8-98f8-45fd-aa4a-6d06b947c66f",
"isEnabled": true,
"lang": null,
"origin": "Application",
"value": "pm"
},
{
"allowedMemberTypes": [
"User"
],
"description": "Editor users have basic login and edit rights in translate5.",
"displayName": "translate5 editor",
"id": "d4c2ade8-98f8-45fd-aa4a-6d06b947c66f",
"isEnabled": true,
"lang": null,
"origin": "Application",
"value": "editor"
},
{
"allowedMemberTypes": [
"User"
],
"description": "Admin users in translate5 have additional admin rights to the PM rights.",
"displayName": "translate5 admin",
"id": "d5c2ade8-98f8-45fd-aa4a-6d06b947c66f",
"isEnabled": true,
"lang": null,
"origin": "Application",
"value": "admin"
},
{
"allowedMemberTypes": [
"User"
],
"description": "API users can access the translate5 API.",
"displayName": "translate5 API user",
"id": "d6c2ade8-98f8-45fd-aa4a-6d06b947c66f",
"isEnabled": true,
"lang": null,
"origin": "Application",
"value": "api"
}
], |
| Code Block | ||
|---|---|---|
| ||
"optionalClaims":
{
"idToken": [
{
"name": "upn",
"essential": false,
"additionalProperties": [ "include_externally_authenticated_upn"]
},{
"name": "email",
"essential": false
},{
"name": "family_name",
"essential": false
},{
"name": "given_name",
"essential": false
}
]
}, |
Assign the appropriate translate5 roles to your users in Azure
You can assign the translate5 roles for your users directly in Azure. If Azure transfers roles for your users to translate5 (as it does with the above configuration) translate5 will set these roles with each login via Azure in translate5 - and change existing roles for the user and ignore the roles that are set for the OpenID configuration for the corresponding client in translate5.
Please note: Signing in via Azure with the following steps does only work for normal users in Azure, not for Guest users. Maybe there are some tweeks in Azure that allow it for Guest users as well - if someone finds out please add to this documentation.
...
...