This section describes how to enable Azure AD authentication for your Orchestrator App Service.

From the Azure Portal:

1. Register your Orchestrator App Service.
2. Select Manifest from the left menu and edit the following keys:
   • oauth2AllowUrlPathMatching - set to true.
   • oauth2AllowIdTokenImplicitFlow - set to true.
   • oauth2AllowImplicitFlow - set to true.
3. Save the Manifest changes.
4. From the Development Tools menu navigate to Advanced Tools > Go > Debug Console > CMD.
5. Open the Site folder and navigate to wwwroot.
6. Use Kudu to open and edit the web.config file and the following keys:
   a. ExternalAuth.AzureAD.Enabled - set to true to enable Azure Active Directory for authentication.
   b. ExternalAuth.AzureAD.ApplicationId - enter the ApplicationId associated of this Orchestrator App Service.
   c. ExternalAuth.AzureAD.RedirectUri - enter the Orchestrator web app URL that should also be used when registering in Azure Active Directory (e.g. https://platform.uipath.com).
7. Save the web.config changes and restart the Orchestrator application.
8. You can now log in to Orchestrator and use the admin account to provision your AD users.