To protect your turnkey application with your active directory you can do so via Azure AD.

1.      You should already have a Turnkey-webApp

2.      You should have sufficient rights to register web-apps in your organizations Azure AD

Login into Portal Azure, go to Azure Active Directory:

Make a copy of your AD name (the authority name).

Then App Registrations, New Application registration:

Enter a name for your application (just an easy read identifier)

Also enter the sign on url to your Turnkey – in my case: https://hkscratch.azurewebsites.net/Account/Login

You will get this screen with important information:

Copy the application ID

You now have the Application ID Guid and the Authority name. We will now assign these to your application via the Turnkey-portal:

Paste your values in – then Send Settings And Restart:

The value for OpenId-authority for AzureAD has the form of https://login.microsoftonline.com/<your authority>/

Remember to save.

Your application now has a OpenId button and when you click it you are taken to the OpenId-authority for verification:

If this was the first login a new SysUser object was created - you are done with Single Sign On (SSO) via OpenId.