Need to configure PMM with Azure AD SAML SSO

How do I set up PMM with Azure AD SAML SSO… I have not been able to find any documentation … Is this available for PMM?

1 Like

PMM doesn’t have an integration with Azure AD, but you can set up SSO providers for Grafana

instructions are here

One thing to note is to make the changes suggested you’d have to go inside the container and modify /etc/grafana/grafana.ini and those changes would be lost in an upgrade (definitely container upgrade and I’m pretty sure a UI upgrade). For me I use grafana environment variables when I start my PMM container. i.e. I add this to my docker run command when I first created the pmm container -e GF_AUTH_LDAP_ENABLED=true -e GF_AUTH_LDAP_CONFIG_FILE=/srv/grafana/ldap.toml

and you can see I store my ldap.toml file in /srv which is preserved after both container upgrade and UI upgrades. Hopefully that gets you pointed in the right direction but if not just let us know.

1 Like

Hi Steve,

Need to configure PMM with azure AD.

I followed below and configured grafana file.

Configure Azure AD OAuth2 authentication | Grafana documentation)

Could you help me as still I am unable to login with azure AD

1 Like

Hello ,

Did you get any solution. Please help me on this

1 Like

I don’t have access to an Azure AD to test with so I can only suggest things to look at but can’t actually do it myself.

So couple questions that will help me get my brain into your environment:
what kind of install is your PMM? Docker, OVF, AMI?

After you finished the integration do you get the new login button on the login page to use Azure?

The biggest hints on the problem can typically be found in /srv/logs/grafana.log or pmm-managed.log
tail them while trying to login with the account and maybe the errors will help see what’s gone wrong.

Are you a Percona Customer by chance? If so you have the option of federating your Azure AD with our auth-provider (Okta) so you use your Azure account and we handle the OAuth stuff. Technically we use the exact same OAuth integration so there’s a chance whatever is preventing your direct connection to Azure might also happen.

1 Like

@steve.hoffman PMM still does not support Azure AD integration ?