Setting up Entra ID authentication in Factry Historian

requirements before starting, make sure you have completed the app registration process you can find the full instructions here registering an app in entra id docid\ y7nflubtgvhbfahpgvcbe you will need tenant id – the unique identifier for your entra id tenant client id – the application’s identifier created during app registration client secret – the secret generated for the application in entra id configure authentication provider in factry historian, go to configuration > server settings > authentication providers click create provider fill in name – a friendly name for the authentication provider this must be the exact name used as \<my auth provider> as part of the callback url registering an app in entra id docid\ y7nflubtgvhbfahpgvcbe tenant id – your entra id tenant’s unique id client id – the app’s unique id from azure client secret – the secret corresponding to the client id don't enable group mapping in this section (allows azure groups to map to factry historian user groups) to configure this, see setting up entra id authentication in factry historian /#configure group mapping decide whether security groups or app roles are used to determine the entra id groups which the user is added to by setting the group mapping type for securiy groups set security group for app roles set app role click save & test to verify the configuration configure group mapping enable group mapping to automatically map user groups defined in azure to user groups defined in factry historian, granting the according privileges to the users present in the azure groups when group mapping is enabled on the authentication provider, a user in factry historian can not be manually configured into a user group, since on each login the user will be linked to the user groups matching the authentication provider to manually assign users to groups in factry historian, skip this section in factry historian, go to configuration > server settings > authentication providers and select the configured entra id authentication provider to enable group mapping for it in entra id, find the object ids of the security groups or app roles you want to use these can be found in the group overview copy the object id (and not the name of the group) to paste in the factry historian user group mapping in factry historian, go to configuration > groups and click the edit icon of the user group that you want to map to an entra id group in the manage user group screen, click + create user group mapping enter the entra id group object id (not the name) from step 1 in the name field in factry historian select the entra id authentication provider e g microsoft from the dropdown menu click submit on saving a user group mapping, all the users in the entra id group matching the given object id will be granted the permissions of the mapped factry historian user group this will automatically assign users to the correct groups when they log in into factry historian we recommend to continue by configuring a user group mapping for each user group in factry historian administrators, managers and readers test authentication and group mapping to test entra id authentication and group mapping in factry historian log out of factry historian select the entra id authentication provider in the login screen and log in using your entra id account verify if login succeeds without errors if the correct user groups and permissions are applied (is group mapping was enabled) when successfully logging in with an entra id user in factry historian, the user will be automatically created in factry historian (if it does not exist yet) trouble logging in? see setting up entra id authentication in factry historian /#troubleshooting and/or registering an app in entra id docid\ y7nflubtgvhbfahpgvcbe and look for your error troubleshooting troubleshooting entra id authentication docid\ qog3brlwi2hfpdlojgfxm