Map groups to Lenses 

Groups are case-sensitive and mapped by UUID with Azure

Integrate your user-groups with Lenses using the Azure group IDs. The group IDs are in universally unique identifier (UUID) format. Create a group in Lenses using the UUID as the name.

For example, if the Engineering group has the UUID ae3f363d-f0f1-43e6-8122-afed65147ef8, create a group with the same name:

Azure SSO / SAML and Kafka RBAC

To learn how to use data centric permissions for users and service accounts check the help center.

Configure single sign-on for Azure in the security.conf file. = "" = "azure" = "/path/to/federation-metadata-xml.xml" = "/path/to/keystore.jks" = "my_keystore_password" = "my_saml_key_password"

See all SSO options

Setup Microsoft Azure SSO 

Learn more about Azure SSO

  1. Go to Enterprise applications > + New Application
  2. Search for in the gallery directory
  3. Choose a name for Lenses e.g. and click Add
Azure gallery Kafka

Enable Single-Sign-On 

Select Set up single sign on > SAML

Azure enable SAML

Configure your SAML details:

Azure configure SAML

Identifier (Entity ID)Use the base url of the Lenses installation e.g.
Reply URLUse the base url with the callback details e.g.
Sign on URLUse the base url

Remember to activate HTTPS on Lenses. See TLS.

Download SAML Signing Certificate 

Azure SSO/SAML IDP file

Download the Federation Metadata XML file with the Azure IdP details. Then, include this file in the Lenses security.conf configuration file.

See all SSO options.