You can protect your Turnkey application with your active directory via Azure AD.

1.      You should already have a Turnkey web app

2.      You should have sufficient rights to register web apps in your organization's Azure AD

Login into Portal Azure and go to Azure Active Directory:

Make a copy of your AD name (the authority name).

Then App Registrations, New Application registration:

Enter a name for your application (just an easy-read identifier)

Also enter the sign on URL to your Turnkey – in my case: https://hkscratch.azurewebsites.net/Account/Login

You will get this screen with important information:

Copy the application ID.

You now have the Application ID Guid and the Authority name. We will now assign these to your application via the Turnkey-portal:

Paste your values in – then Send Settings And Restart:

The value for OpenId-authority for AzureAD has the form of https://login.microsoftonline.com/<your authority>/

Remember to save.

Your application now has an OpenId button and when you click it, you are taken to the OpenId-authority for verification:

If this was the first login, a new SysUser object was created - you are done with Single Sign On (SSO) via OpenId.