The configuration and files needed to set up SSO with SAML for Azure AD.
All credits go to billylebegue.
See link: https://www.reddit.com/r/Netbox/comments/104ouqz/netbox_saml_with_azure_ad_authorization/
Go to the NetBox folder (/opt/netbox/) and add the following modules/libraries to local_requirements.txt:
- python3-saml
- onelogin
This step is no longer necessary. The xmlsec1 maintainers have fixed the bugs in version 1.3.14 (xmlsec/python-xmlsec#284 (comment)).
Go to the NetBox configuration folder (/opt/netbox/netbox/netbox). Paste the content from configuration.py into your configuration file and edit the following values to match your setup:
- SOCIAL_AUTH_SAML_SP_ENTITY_ID
- SOCIAL_AUTH_SAML_SP_PUBLIC_CERT
- SOCIAL_AUTH_SAML_SP_PRIVATE_KEY
- SOCIAL_AUTH_SAML_TECHNICAL_CONTACT
- SOCIAL_AUTH_SAML_SUPPORT_CONTACT
- SOCIAL_AUTH_SAML_ENABLED_IDPS
Create the file in the same location as configuration.py, paste the content into it and save. Change group-admins to the name you use for your admin group. Everyone else is added as read-only; afterwards you can change permissions in NetBox as well.
Make sure you bind the groups in Azure to the Azure SSO app specified for NetBox.
Run upgrade.sh (./upgrade.sh), located in /opt/netbox/, or rebuild the Docker container to get the new modules loaded.
Restart the services (systemctl restart netbox netbox-rq) or do a manual reboot.
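
The group-to-role mapping from the pipeline file step, as an added example that is not the original author's file: it promotes members of group-admins and demotes everyone else on each login. The function names, the flag list, the groups claim URI and the response["attributes"] layout are assumptions about a typical Azure AD and social-auth SAML setup.

```python
# Added example (not the original pipeline file): group-to-role mapping.
# Assumed: Azure AD sends group names in this claim, and the SAML backend
# passes them to pipeline steps as response["attributes"].
GROUPS_CLAIM = "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups"
ADMIN_GROUP = "group-admins"  # name from the page; change to your admin group
ADMIN_FLAGS = ("is_superuser", "is_staff")  # assumed: standard Django user flags


def groups_from_response(response):
    """Return the asserted groups as a set; empty when the claim is absent."""
    attributes = (response or {}).get("attributes") or {}
    values = attributes.get(GROUPS_CLAIM) or []
    if isinstance(values, str):
        # A lone string must not be searched with `in`: that is a substring
        # test, and "x-group-admins-y" would pass as the admin group.
        values = [values]
    return {v.strip() for v in values if isinstance(v, str) and v.strip()}


def set_role(backend=None, response=None, user=None, *args, **kwargs):
    """Hypothetical pipeline step: sync admin flags with group membership.

    Runs on every login, so a user removed from the admin group (or whose
    assertion carries no groups claim) is demoted instead of keeping old rights.
    """
    if user is None:
        return None
    is_admin = ADMIN_GROUP in groups_from_response(response)
    changed = False
    for flag in ADMIN_FLAGS:
        if getattr(user, flag, None) != is_admin:
            setattr(user, flag, is_admin)
            changed = True
    if changed:
        user.save()
    return {"user": user, "is_admin": is_admin}
```
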