For the record. In the end we used the SAML Plugin <https://wiki.jenkins-ci.org/display/JENKINS/SAML+Plugin> along with the following instructions to setup SAML Auth in Azure AD:
https://blogs.msdn.microsoft.com/tsmatsuz/2016/12/29/azure-ad-saml-federation-application-tutorial/ We found we needed to set the Entity ID in the SSO config to be the same as the Reply URL. On Wednesday, 16 November 2016 15:07:41 UTC+11, Evan Greensmith wrote: > > > We're moving from Google accounts to Microsoft online accounts. Currently > our Jenkins is setup to use the Google Login Plugin to allow 2-factor login > using staff Google accounts (and Google Authenticator). We'd like to have a > similar setup (with 2-factor auth) using staff Microsoft online accounts > (and Windows Authenticator). > > login.microsoftonline.com provides an oauth end-point that could be used > to provide 2-factor authentication, but I can't find any microsoft/generic > OAuth Login plugin (the Google Login Plugin appears to hard-code the google > OAuth end-points). Using LDAP/AD would be an option, but not sure how we > could get the 2-factor authentication setup (using Windows Authenticator). > Our current fall-back is to opt for LDAP login but have more restricted > access to the Jenkins box. > > I'd be interested to hear any stories of looking at login via Microsoft > online accounts. Or any useful pointers. > > Cheers, > Evan. > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/dbd30834-9b62-4df6-8211-b5ccd39c3639%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
