Proxmox OIDC AzureAD authentication

#proxmox #pve #azuread #public #office365 #linux

Step 1 - Sign into Azure AD and click App Registrations.

r/Proxmox - Proxmox OIDC Authentication Azure AD

Step 2 – Click New Registration add a name and one of your Proxmox Servers

r/Proxmox - Proxmox OIDC Authentication Azure AD

Step 3 –Add all of your URL for your Proxmox Servers by clicking Add URI then Save.

r/Proxmox - Proxmox OIDC Authentication Azure AD

Step 4 – Click Certificates & Secrets then New Client Secret you can specify when you want the secret to expire. Make sure you save the Secret under Value, we will need this later.

r/Proxmox - Proxmox OIDC Authentication Azure AD

Step 5 – Click Overview Copy the Client ID then click Endpoints

r/Proxmox - Proxmox OIDC Authentication Azure AD

Copy the OpenID Connect metadata document link and remove /.well-known/openid-configuration this part from the link, so you end up with something like this https://login.microsoftonline.com/{Your Tenant ID}/v2.0

r/Proxmox - Proxmox OIDC Authentication Azure AD

Step 6 – Go to Proxmox and Authentication – Add – OpenID Connect then add the values for Azure AD

r/Proxmox - Proxmox OIDC Authentication Azure AD

Now sign out and sign in with your new Realm and you should be good to go. This should be pretty much the same if you’re using Okta, ADFS, or something else. I think the main thing you need to know is that Issuer URL is really looking for your OpenID Connect Metadata, and it’s auto appending /.well-known/openid-configuration to the URL so you don’t need to add it again.

Source: Proxmox OIDC Authentication Azure AD : r/Proxmox