Azure AD Setup#

  1. Install oauthenticator with required dependency

    pip3 install "oauthenticator[azuread]"
  2. Set the AAD_TENANT_ID environment variable

  3. Add the code below to your file

    import os
    from oauthenticator.azuread import AzureAdOAuthenticator
    c.JupyterHub.authenticator_class = AzureAdOAuthenticator
    c.Application.log_level = 'DEBUG'
    c.AzureAdOAuthenticator.tenant_id = os.environ.get('AAD_TENANT_ID')
    c.AzureAdOAuthenticator.oauth_callback_url = 'http://{your-domain}/hub/oauth_callback'
    c.AzureAdOAuthenticator.client_id = '{AAD-APP-CLIENT-ID}'
    c.AzureAdOAuthenticator.client_secret = '{AAD-APP-CLIENT-SECRET}'

    This sample code is provided for you in examples > azuread >

  4. Make sure to replace the values in '{}' with your APP, TENANT, DOMAIN, etc. values

  5. You might need to add at least the openid scope if your organization requires MFA (c.AzureAdOAuthenticator.scope = ['openid']), in addition to whatever else you need.

  6. Follow this link to create an AAD APP

  7. CLIENT_ID === Azure Application ID, found in: Azure portal --> AD --> App Registrations --> App

  8. TENANT_ID === Azure Directory ID, found in: Azure portal --> AD --> Properties

  9. Run via:

    sudo jupyterhub -f ./path/to/
  10. See for an example

  11. Source Code