Skip to main content

Documentation Index

Fetch the complete documentation index at: https://backstage.spotify.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

It is important to follow all the steps in this guide to ensure a successful configuration of authentication.If you encounter any issues, please contact support.
Portal includes a built-in Microsoft authentication provider that uses Microsoft Azure Entra ID OAuth for user authentication. To enable Entra ID authentication for your Portal instance, follow these steps.

Configure the Authentication Provider in Portal

  1. From the admin sidebar section -> App settings -> Auth -> Entra ID.
  2. Enter the following details from your Azure App Registration:
    • Client ID
    • Tenant ID
    • Client secret
Add app credentials
  1. Below, select Enable under the Use for Sign in selector, then select UserId matching user entity annotation as resolver strategy.
Add sign in resolver
  1. Click Save.

Test your new auth provider

To test your new auth provider, you can sign out of Portal and sign back in using your credentials. If you are unable to sign in, please reach out to your organization’s Portal admin for assistance. To sign out follow these steps:
  1. Select your profile from the sidebar
  2. Press “Sign Out”
  3. Sign back in using your Entra ID credentials

Next Steps

Your Portal instance is now set up to authenticate users via Microsoft Entra ID and this completes the Entra ID setup guide. In the next section, you can learn how to retain admin access to Portal for your user ingested from Entra ID.