Merged
2 changes: 1 addition & 1 deletion modules/ROOT/nav.adoc
@@ -188,7 +188,7 @@
**** xref:console:config/connect-to-redpanda.adoc[Connect to Redpanda]
**** xref:console:config/security/index.adoc[Security]
***** xref:console:config/security/authentication.adoc[Authentication]
****** xref:console:config/security/azure-ad.adoc[Azure AD]
****** xref:console:config/security/azure-ad.adoc[Microsoft Entra ID]
****** xref:console:config/security/github.adoc[GitHub]
****** xref:console:config/security/generic-oidc.adoc[Generic OIDC]
****** xref:console:config/security/google.adoc[Google]
@@ -10,7 +10,7 @@ include::shared:partial$enterprise-and-console.adoc[]

Redpanda Console supports authentication using OAuth 2.0 or OIDC for external identity providers, such as:

* xref:./azure-ad.adoc[AzureAD]
* xref:./azure-ad.adoc[Microsoft Entra ID]
* xref:./google.adoc[Google]
* xref:./github.adoc[GitHub]
* xref:./keycloak.adoc[Keycloak]
22 changes: 12 additions & 10 deletions modules/console/pages/config/security/azure-ad.adoc
@@ -1,6 +1,6 @@
= Azure AD SSO Authentication in Redpanda Console
= Microsoft Entra ID SSO Authentication in Redpanda Console
:page-aliases: manage:security/console/azure-ad.adoc
:description: Integrate Redpanda Console with Azure AD to allow your users to use their Azure AD identities to sign-in to Console.
:description: Integrate Redpanda Console with Microsoft Entra ID to allow your users to use their Microsoft Entra ID identities to sign-in to Console.
:page-categories: Management, Security, Redpanda Console


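Review bot: the rewritten `:description:` line now repeats the product name twice ("with Microsoft Entra ID ... their Microsoft Entra ID identities") and carries over the pre-existing "sign-in", which is the noun form where the verb "sign in" is meant. Since the line is being rewritten anyway, suggest `:description: Integrate Redpanda Console with Microsoft Entra ID so that your users can sign in to Console with their Entra ID identities.`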
@@ -9,14 +9,16 @@
include::shared:partial$enterprise-and-console.adoc[]
====

By integrating Redpanda Console with Azure AD, your users can sign in to Redpanda Console using their Azure AD login credentials.
By integrating Redpanda Console with Microsoft Entra ID, your users can sign in to Redpanda Console using their Microsoft Entra ID login credentials.

NOTE: Although the identity service is now called Microsoft Entra ID, the Redpanda Console configuration key remains `azureAd` for backward compatibility. Any reference to `azureAd` in the configuration refers to Microsoft Entra ID.

== Prerequisites

You must have:

* An https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/sign-up-organization[Azure AD account^] and permissions to create applications within your directory.
* A registered OIDC application with Azure AD configured as the OpenID Connect (OIDC) provider. For more information about using OIDC, see the https://learn.microsoft.com/en-us/entra/identity-platform/v2-protocols-oidc[Microsoft documentation^].
* An https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/sign-up-organization[Microsoft Entra ID account^] and permissions to create applications within your directory.
* A registered OIDC application with Microsoft Entra ID configured as the OpenID Connect (OIDC) provider. For more information about using OIDC, see the https://learn.microsoft.com/en-us/entra/identity-platform/v2-protocols-oidc[Microsoft documentation^].
+
When you https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app[register the application^], provide the following inputs when prompted:
+
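Review bot: the link text on the account prerequisite was renamed, but the URL still points at the legacy `azure/active-directory/fundamentals/sign-up-organization` path while the OIDC links on the next bullet already use the `entra/` location; verify that the legacy URL still redirects, or update it to the current Entra location so the page does not depend on a redirect. The new NOTE about the `azureAd` key is a useful addition; "Microsoft Entra ID account" on the first bullet reads slightly off, since what the reader needs is a Microsoft Entra tenant with permission to register applications in it.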
@@ -25,7 +27,7 @@ When you https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app[register the application^], provide the following inputs when prompted:
** *Redirect URI*: Enter the domain where Redpanda Console is hosted followed by the `/login/callbacks/azure-ad` path. For example, `+https://console.<your-company>.com/login/callbacks/azure-ad+` or `+https://localhost:8080/login/callbacks/azure-ad+`.

+
IMPORTANT: When you configure the identity provider, make a note of the client ID and client secret. You must add these credentials to the <<edit-the-console-configuration-file, console configuration file>> so that Repanda Console can establish communication with Azure AD.
IMPORTANT: When you configure the identity provider, make a note of the client ID and client secret. You must add these credentials to the <<edit-the-console-configuration-file, console configuration file>> so that Repanda Console can establish communication with Microsoft Entra ID.

== Edit the console configuration file

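Review bot: the IMPORTANT line still reads "Repanda Console" in both the old and the new version; since the line is touched by this change, fix the typo to "Redpanda Console". In the same hunk the redirect URI path stays `/login/callbacks/azure-ad`, which is right for backward compatibility but now sits next to "Microsoft Entra ID" everywhere else; a short aside that the path is intentionally unchanged (the same point the new NOTE makes for the `azureAd` key) would stop readers from "correcting" it to an Entra-named path, which would make the redirect URI registered in the app differ from the one Console sends and break the login flow.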
@@ -77,19 +79,19 @@ login:
# identifier in the roleBindings as 'name' as well.
# Other common options are:
# - upn (unique principal name - you need to add the upn
# claim as a claim for id tokens in your Azure AD application)
# claim as a claim for id tokens in your Microsoft Entra ID application)
# - email (under certain conditions there's no value for
# the email propagated)
userIdentifyingClaimKey: "oid"

# The directory configuration is only required if you want to use
# Azure AD groups in your role bindings, as described
# Microsoft Entra ID groups in your role bindings, as described
# in the next section.
# directory:
# tenantId: ""
----

== RBAC Azure AD groups sync
== RBAC Microsoft Entra ID groups sync

You can bind roles to Azure groups from your organization by providing the `tenantId` in the directory configuration and adding API permissions to your client application. To retrieve the `tenantId`, go to
your registered application in the Azure Active Directory portal. The *Directory (tenant) ID* is listed
Expand All @@ -115,7 +117,7 @@ Next, grant admin consent for the default directory by clicking *Grant admin con

== Define role-bindings

When you set up the Azure AD login configuration, you can bind Azure AD users or groups to roles. Following is a sample
When you set up the Microsoft Entra ID login configuration, you can bind Microsoft Entra ID users or groups to roles. Following is a sample
role binding:

[,yaml]
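Review bot: the `upn` comment (old and new line alike) expands UPN as "unique principal name"; the claim is the User Principal Name, so fix the expansion while the line is being edited. Two rename leftovers sit in the unchanged context of this hunk: the groups-sync paragraph still says "Azure groups" and sends readers to the "Azure Active Directory portal", which is now the Microsoft Entra admin center. The `email` caveat could also be stronger: beyond sometimes being absent, the `email` claim is mutable and not guaranteed unique, so `oid`, which is immutable for a user object within a tenant, is the right default for `userIdentifyingClaimKey` and for the identities used in role bindings; consider saying that explicitly rather than only "under certain conditions there's no value".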
2 changes: 1 addition & 1 deletion modules/manage/partials/authentication.adoc
@@ -695,7 +695,7 @@ To upgrade, contact https://redpanda.com/try-redpanda?section=enterprise-trial[R

When you enable https://openid.net/developers/how-connect-works/[OIDC^], Redpanda and
Redpanda Console can delegate the authentication process to an external identity provider
(IdP) such as Okta, Azure AD, or on-premise Active Directory Federation Service (AD FS).
(IdP) such as Okta, Microsoft Entra ID, or on-premise Active Directory Federation Service (AD FS).
With OIDC enabled, Redpanda does not need to manage user credentials directly,
but can instead rely on the trusted authentication capabilities of established IdPs.

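Review bot: the renamed line keeps "on-premise Active Directory Federation Service"; the product is Active Directory Federation Services (plural, which is what the AD FS abbreviation stands for) and Microsoft's spelling is "on-premises", so suggest `(IdP) such as Okta, Microsoft Entra ID, or on-premises Active Directory Federation Services (AD FS).`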
4 changes: 2 additions & 2 deletions modules/shared/attachments/redpanda-console-config.yaml
@@ -354,12 +354,12 @@ kafka:
# identifier in the roleBindings as 'name' as well.
# Other common options are:
# - upn (unique principal name - you need to add the upn
# claim as a claim for id tokens in your Azure AD application)
# claim as a claim for id tokens in your Microsoft Entra ID application)
# - email (under certain conditions there's no value for
# the email propagated)
#userIdentifyingClaimKey: "oid"
# The directory configuration is only required if you want to use
# Azure AD groups in your role bindings, as described
# Microsoft Entra ID groups in your role bindings, as described
# in the next section.
# directory:
# tenantId: ""
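Review bot: same UPN expansion problem as in `azure-ad.adoc`: "unique principal name" on the touched line should be "User Principal Name". This comment block is a verbatim copy of the one in the page, and this change had to be applied to both; if the attachment and the page are meant to stay in sync, consider sourcing one from the other (the docs already use `include::` elsewhere) so that future renames only need one edit.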