# Azure AD Deployment Checklist
Use this checklist to ensure all steps are completed for Azure AD deployment.
## Pre-Deployment Checklist
### Azure Portal Setup
- [ ] Azure app registration created
- [ ] Application (client) ID recorded
- [ ] Directory (tenant) ID recorded
- [ ] Client secret generated and saved securely
- [ ] Client secret expiration date recorded (set calendar reminder)
- [ ] Microsoft Graph User.Read permission added
- [ ] Admin consent granted for permissions
- [ ] Development redirect URI configured: `http://localhost:5000/auth/callback`
- [ ] Production redirect URI configured: `https://your-domain.com/auth/callback`
### Database Preparation
- [ ] Production database backup created
- [ ] Backup verified and downloadable
- [ ] Migration file reviewed: `migrations/versions/a1f2e3d4c5b6_add_azure_ad_support.py`
- [ ] Migration tested in development environment
- [ ] Migration tested in staging environment (if available)
### Code Review
- [ ] All code changes reviewed and tested locally
- [ ] Azure authentication tests passing (40+ tests)
- [ ] Dev login working locally (`DEV_AUTH_BYPASS=True`)
- [ ] Real Azure login tested locally (optional but recommended)
- [ ] No secrets committed to git
- [ ] `instance/config.py` added to `.gitignore`
### Configuration Files
- [ ] `instance/config.py.example` created with template
- [ ] Production `instance/config.py` prepared (DO NOT COMMIT)
- [ ] `AZURE_AD_CLIENT_ID` set correctly
- [ ] `AZURE_AD_CLIENT_SECRET` set correctly
- [ ] `AZURE_AD_TENANT_ID` set correctly
- [ ] `AZURE_AD_ENABLED` set to `True`
- [ ] `DEV_AUTH_BYPASS` set to `False` (CRITICAL)
- [ ] `DEFAULT_ROLE` set to `'Pilot'`
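The configuration items above are easy to get subtly wrong (a template placeholder left in place, `"True"` as a string rather than a boolean, the dev bypass still on). The following validator is an added example, not the project's own code: it assumes `instance/config.py` is a plain Python module defining the names listed in this checklist, and the optional `AZURE_AD_CLIENT_SECRET_EXPIRES` key (an ISO date) is this example's own way of recording the secret expiry date the checklist asks you to note; the project does not define it. The sample configs at the bottom are constructed values, not real IDs or secrets.

```python
"""Pre-deployment validation of the production instance/config.py values.

Added example, not the project's own code. Assumes instance/config.py is a
plain Python module defining AZURE_AD_CLIENT_ID, AZURE_AD_CLIENT_SECRET,
AZURE_AD_TENANT_ID, AZURE_AD_ENABLED, DEV_AUTH_BYPASS and DEFAULT_ROLE.
AZURE_AD_CLIENT_SECRET_EXPIRES is a hypothetical key of this example.
"""
import sys
import uuid
from datetime import date

PLACEHOLDER_MARKERS = ("your-", "changeme", "xxx", "<", "example")
SECRET_RENEW_WARNING_DAYS = 60     # "2 months before expiry" from the annual tasks


def _is_guid(value):
    """Azure client and tenant IDs are GUIDs; anything else is a copy-paste error."""
    try:
        return str(uuid.UUID(str(value))).lower() == str(value).strip().lower()
    except (ValueError, TypeError):
        return False


def check_config(cfg, today=None):
    """Return a list of problems; an empty list means the config is production-ready."""
    problems = []
    for key in ("AZURE_AD_CLIENT_ID", "AZURE_AD_TENANT_ID"):
        if not _is_guid(cfg.get(key)):
            problems.append(f"{key} is not a GUID (got {cfg.get(key)!r})")

    secret = cfg.get("AZURE_AD_CLIENT_SECRET") or ""
    if not str(secret).strip():
        problems.append("AZURE_AD_CLIENT_SECRET is empty")
    elif any(marker in str(secret).lower() for marker in PLACEHOLDER_MARKERS):
        problems.append("AZURE_AD_CLIENT_SECRET still looks like the template placeholder")

    # Identity checks on purpose: the string "True" (e.g. copied from an env var)
    # is truthy but is not the boolean the app expects.
    if cfg.get("AZURE_AD_ENABLED") is not True:
        problems.append("AZURE_AD_ENABLED must be the boolean True in production")
    if cfg.get("DEV_AUTH_BYPASS") is not False:
        problems.append("DEV_AUTH_BYPASS must be the boolean False in production (CRITICAL)")
    if cfg.get("DEFAULT_ROLE") != "Pilot":
        problems.append(f"DEFAULT_ROLE should be 'Pilot' (got {cfg.get('DEFAULT_ROLE')!r})")

    expires = cfg.get("AZURE_AD_CLIENT_SECRET_EXPIRES")    # hypothetical key, see docstring
    if expires:
        remaining = (date.fromisoformat(str(expires)) - (today or date.today())).days
        if remaining < 0:
            problems.append(f"client secret expired {-remaining} days ago")
        elif remaining <= SECRET_RENEW_WARNING_DAYS:
            problems.append(f"client secret expires in {remaining} days: renew it now")
    return problems


def load_config_file(path):
    """Execute a config.py-style file and return its UPPERCASE settings as a dict."""
    namespace = {}
    with open(path) as fh:
        exec(compile(fh.read(), path, "exec"), namespace)   # the config file is trusted code
    return {k: v for k, v in namespace.items() if k.isupper()}


# Constructed sample values (not real IDs or secrets) for a stand-alone run.
GOOD_CONFIG = {
    "AZURE_AD_CLIENT_ID": "11111111-2222-3333-4444-555555555555",
    "AZURE_AD_TENANT_ID": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
    "AZURE_AD_CLIENT_SECRET": "s3cr3t-value-copied-from-the-portal",
    "AZURE_AD_ENABLED": True,
    "DEV_AUTH_BYPASS": False,
    "DEFAULT_ROLE": "Pilot",
    "AZURE_AD_CLIENT_SECRET_EXPIRES": "2099-12-31",
}
BAD_CONFIG = {
    "AZURE_AD_CLIENT_ID": "your-client-id",      # template value left in place
    "AZURE_AD_TENANT_ID": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
    "AZURE_AD_CLIENT_SECRET": "<your-secret>",
    "AZURE_AD_ENABLED": "True",                  # string, not bool
    "DEV_AUTH_BYPASS": True,                     # the CRITICAL mistake
    "DEFAULT_ROLE": "Pilot",
}

if __name__ == "__main__":
    cfg = load_config_file(sys.argv[1]) if len(sys.argv) > 1 else BAD_CONFIG
    for problem in check_config(cfg) or ["config looks production-ready"]:
        print(problem)
```

Run it as `python check_config.py instance/config.py` on the server before restarting; a non-empty list means stop and fix before the web server comes up with the new settings.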
### Dependencies
- [ ] `msal==1.26.0` added to `requirements.txt`
- [ ] Requirements installed in development: `pip install -r requirements.txt`
- [ ] Docker image rebuilt (if using Docker): `docker-compose build web`
### User Communication
- [ ] Users notified of upcoming authentication change
- [ ] Email sent explaining new Microsoft login process
- [ ] Help documentation updated
- [ ] Support team briefed on new authentication
## Deployment Day Checklist
### Morning (Before Deployment)
- [ ] Staging environment tested one final time
- [ ] Emergency admin account verified (local password working)
- [ ] Rollback procedure reviewed by team
- [ ] Support team on standby
- [ ] Database backup created (timestamp: _______)
### Deployment Steps
- [ ] Code deployed to production: `git pull origin master`
- [ ] Dependencies installed/updated
- [ ] Migration applied: `flask db upgrade`
- [ ] Migration verified: `flask db current` shows `a1f2e3d4c5b6`
- [ ] Configuration file uploaded to `instance/config.py`
- [ ] File permissions set: `chmod 600 instance/config.py`
- [ ] Web server restarted
- [ ] Logs checked for startup errors: `docker-compose logs web`
### Post-Deployment Verification
- [ ] Azure AD enabled: check config `AZURE_AD_ENABLED=True`
- [ ] Dev bypass disabled: check config `DEV_AUTH_BYPASS=False`
- [ ] Dev login returns 403: visit `/auth/dev-login`
- [ ] Login redirects to Microsoft: visit `/login`
- [ ] New user can login and provision successfully
- [ ] Existing user can login and auto-link successfully
- [ ] Audit logs show `azure_provision` and `azure_link` events
- [ ] Pending users visible in admin panel: `/admin/users/pending-review`
- [ ] Password change blocked for Azure users
- [ ] Logout redirects to Azure logout endpoint
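The three endpoint checks above (dev login answers 403, `/login` redirects to Microsoft, the admin page is not served anonymously) can be scripted so they run the same way after every deployment. The script below is an added example, not the project's own code: it assumes the route paths named in this checklist and that the app redirects to Microsoft's `login.microsoftonline.com` authorize endpoint. The decision logic is kept separate from the HTTP fetch so it can be exercised without a running server.

```python
"""Post-deployment smoke checks for the Azure AD login endpoints.

Added example, not the project's own code. Assumes the checklist's routes
(/auth/dev-login, /login, /admin/users/pending-review) and a redirect to
login.microsoftonline.com for the Azure login flow.
"""
import sys
import urllib.error
import urllib.request
from urllib.parse import parse_qs, urlsplit

REDIRECT_CODES = {301, 302, 303, 307, 308}
MICROSOFT_LOGIN_HOST = "login.microsoftonline.com"


def evaluate_dev_login(status):
    """Dev bypass must be off in production: the route should answer 403."""
    if status == 403:
        return True, "dev login correctly returns 403"
    if 200 <= status < 300:
        return False, f"CRITICAL: /auth/dev-login answered {status}; DEV_AUTH_BYPASS is still on"
    return False, f"unexpected status {status} for /auth/dev-login (expected 403)"


def evaluate_login_redirect(status, location):
    """/login must send the browser to Microsoft's authorize endpoint with a state parameter."""
    if status not in REDIRECT_CODES or not location:
        return False, f"/login did not redirect (status {status}); is AZURE_AD_ENABLED True?"
    parts = urlsplit(location)
    if parts.hostname != MICROSOFT_LOGIN_HOST:
        return False, f"/login redirected to {parts.hostname!r}, not {MICROSOFT_LOGIN_HOST}"
    if "authorize" not in parts.path:
        return False, f"redirect path {parts.path!r} is not an authorize endpoint"
    if not parse_qs(parts.query).get("state"):
        return False, "authorize URL carries no state parameter (CSRF protection missing)"
    return True, "login redirects to Microsoft authorize endpoint with state"


def evaluate_protected(status):
    """Admin pages must not render for an anonymous client."""
    if status in REDIRECT_CODES or status in (401, 403):
        return True, f"anonymous request refused with {status}"
    return False, f"admin page answered {status} without authentication"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Stop urllib from following redirects so the Location header can be inspected."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def fetch(url):
    """Return (status, Location header) for a GET without following redirects."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(url, timeout=10) as resp:
            return resp.status, resp.headers.get("Location")
    except urllib.error.HTTPError as err:   # 3xx and 4xx arrive here with _NoRedirect
        return err.code, err.headers.get("Location")


def run_smoke_checks(base_url):
    """Run all checks against a deployed instance; returns [(name, ok, message), ...]."""
    base = base_url.rstrip("/")
    return [
        ("dev-login", *evaluate_dev_login(fetch(base + "/auth/dev-login")[0])),
        ("login", *evaluate_login_redirect(*fetch(base + "/login"))),
        ("pending-review", *evaluate_protected(fetch(base + "/admin/users/pending-review")[0])),
    ]


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "https://your-domain.com"
    all_ok = True
    for name, ok, message in run_smoke_checks(target):
        print(f"[{'PASS' if ok else 'FAIL'}] {name}: {message}")
        all_ok = all_ok and ok
    sys.exit(0 if all_ok else 1)
```

Run it as `python smoke_check.py https://your-domain.com` right after the web server restart; a non-zero exit code is the signal to stop and work through the rollback checklist rather than announce the deployment.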
## Week 1 Monitoring Checklist
### Daily Tasks
- [ ] Day 1: Check audit logs for failed logins
- [ ] Day 1: Verify all team members can login
- [ ] Day 2: Check for email mismatch issues
- [ ] Day 3: Review pending users in admin panel
- [ ] Day 4: Manually link any mismatched accounts
- [ ] Day 5: Review week 1 login statistics
- [ ] Day 7: Team meeting - discuss any issues
### Weekly Monitoring Queries
```sql
-- Failed logins (investigate if > 5)
SELECT COUNT(*) AS failed_count
FROM audit_log
WHERE action = 'login'
  AND message LIKE '%failed%'
  AND timestamp > NOW() - INTERVAL 7 DAY;

-- New Azure users this week
SELECT u.email, u.created_date, u.auth_method, r.title
FROM user u
JOIN role r ON u.role_id = r.id
WHERE u.auth_method IN ('azure_ad', 'both')
  AND u.created_date > NOW() - INTERVAL 7 DAY;

-- Users with both auth methods (auto-linked)
SELECT u.email, u.auth_method
FROM user u
WHERE u.auth_method = 'both';
```
## Week 2 Role Review Checklist
### Pending User Reviews
- [ ] Visit admin panel: `/admin/users/pending-review`
- [ ] Review each new user:
  - [ ] Verify user is Napier staff/student
  - [ ] Check if user should be Responsible Officer
  - [ ] Document promotion decisions
- [ ] Promote appropriate users via edit page
- [ ] Send welcome email to new users
- [ ] Update internal user roster
### Role Assignment Criteria
Pilot Role (Default):
- Students taking drone courses
- Researchers conducting flights
- New staff members

Responsible Officer (Manual Promotion):
- Full-time staff managing drone operations
- Faculty leading research projects with multiple flights
- Technical staff maintaining equipment
## Emergency Rollback Checklist
### If Azure AD Fails Completely
Option 1: Disable Azure (Quick - 5 minutes)
- [ ] SSH to production server
- [ ] Edit `instance/config.py`
- [ ] Set `AZURE_AD_ENABLED = False`
- [ ] Restart web server: `docker-compose restart web`
- [ ] Verify legacy login works: `/login`
- [ ] Notify users to use local passwords
- [ ] Schedule Azure debugging session

Option 2: Enable Dev Bypass (EMERGENCY ONLY - 2 minutes)
- [ ] Edit `instance/config.py`
- [ ] Set `DEV_AUTH_BYPASS = True`
- [ ] Restart web server
- [ ] Admin uses `/auth/dev-login` to access system
- [ ] FIX AZURE IMMEDIATELY
- [ ] Disable dev bypass as soon as fixed

Option 3: Full Rollback (Complete - 30 minutes)
- [ ] Set `AZURE_AD_ENABLED = False`
- [ ] Roll back migration: `flask db downgrade`
- [ ] Restore old `routes_auth.py`: `git checkout HEAD~1 app/routes_auth.py`
- [ ] Restart web server
- [ ] Verify legacy login works
- [ ] Notify all users
- [ ] Reset passwords for Azure-only users
## Long-Term Maintenance Checklist
### Monthly Tasks
- [ ] Review audit logs for authentication anomalies
- [ ] Check pending user count (should be low after week 2)
- [ ] Verify client secret expiration date
### Quarterly Tasks (Every 3 Months)
- [ ] Review all user roles
- [ ] Check for dormant Azure accounts
- [ ] Test Azure login flow with new user
- [ ] Update documentation if any changes made
### Annual Tasks (Every 12 Months)
- [ ] CRITICAL: Renew Azure client secret (2 months before expiry)
- [ ] Review Azure AD permissions
- [ ] Audit all Responsible Officer accounts
- [ ] Test emergency rollback procedure
- [ ] Update deployment documentation
## Troubleshooting Checklist
### Issue: Users Cannot Login
- [ ] Check Azure service status: https://status.azure.com/
- [ ] Verify `AZURE_AD_ENABLED=True` in config
- [ ] Check redirect URI matches in Azure Portal
- [ ] Review audit logs for error messages
- [ ] Test with known working account (yours)
- [ ] Check browser console for JavaScript errors
- [ ] Verify session storage working (filesystem)
### Issue: "Invalid State Token" Errors
- [ ] Check session timeout (default: 5 minutes)
- [ ] Verify `flask_session/` directory exists
- [ ] Check directory permissions (writable by web server)
- [ ] Review session configuration in `app/__init__.py`
- [ ] Test with different browser (check cookies enabled)
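Each item in this troubleshooting list corresponds to one way the OAuth state check on the callback can fail: the state was never stored (cookies blocked, session directory unwritable, a different browser), it was stored but has aged past the session timeout, or the value echoed back does not match. The following is an added example of that lifecycle, not the project's own code: the `session` argument is a plain dict standing in for Flask's server-side session in `flask_session/`, the 5-minute window is the default timeout named above, `check_session_dir` mirrors the "exists" and "writable" items, and all function names are this example's own.

```python
"""OAuth state-token lifecycle behind the "Invalid State Token" checks.

Added example, not the project's own code. `session` is a plain dict standing
in for Flask's server-side session (the flask_session/ directory); the
5-minute window is the checklist's default session timeout.
"""
import hmac
import os
import secrets
import time

STATE_TTL_SECONDS = 5 * 60          # checklist default: 5 minutes
STATE_KEY = "azure_oauth_state"     # hypothetical session key of this example


def issue_state(session, now=None):
    """Create a fresh state before redirecting to Microsoft and store it server-side."""
    state = secrets.token_urlsafe(32)
    session[STATE_KEY] = {"value": state, "issued_at": time.time() if now is None else now}
    return state


def verify_state(session, returned_state, now=None):
    """Check the state echoed back on /auth/callback.

    Returns (ok, reason). The stored value is consumed on every attempt so a
    state can be redeemed only once; each failure reason maps onto one of the
    checklist's troubleshooting items.
    """
    now = time.time() if now is None else now
    stored = session.pop(STATE_KEY, None)
    if stored is None:
        return False, "no state in session: cookies blocked, session store unwritable, or different browser"
    if now - stored["issued_at"] > STATE_TTL_SECONDS:
        return False, "state expired: login took longer than the 5-minute session timeout"
    if not returned_state or not hmac.compare_digest(stored["value"].encode(), returned_state.encode()):
        return False, "state mismatch: callback did not originate from this session"
    return True, "ok"


def check_session_dir(path):
    """Return problems with the server-side session directory (empty list = fine)."""
    problems = []
    if not os.path.isdir(path):
        problems.append(f"{path} does not exist; states cannot be stored")
    elif not os.access(path, os.W_OK):
        problems.append(f"{path} is not writable by this user; states cannot be stored")
    return problems


def walk_through():
    """Constructed scenarios with a fixed clock, one per checklist item."""
    results = {}
    sess = {}
    token = issue_state(sess, now=1_000.0)
    results["happy"] = verify_state(sess, token, now=1_060.0)
    results["replayed"] = verify_state(sess, token, now=1_061.0)      # already consumed
    sess = {}
    token = issue_state(sess, now=1_000.0)
    results["slow"] = verify_state(sess, token, now=1_000.0 + STATE_TTL_SECONDS + 1)
    sess = {}
    issue_state(sess, now=1_000.0)
    results["forged"] = verify_state(sess, "not-the-issued-value", now=1_001.0)
    results["lost"] = verify_state({}, token, now=1_001.0)
    return results


if __name__ == "__main__":
    for name, outcome in walk_through().items():
        print(f"{name:9s} -> {outcome}")
    print("session dir:", check_session_dir("flask_session") or "ok")
```

When a user reports the error, the reason string tells you which checklist item to follow: "no state in session" points at cookies or the `flask_session/` directory, "state expired" at the timeout, and "state mismatch" at a callback that did not come from the session that started the login.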
### Issue: Email Mismatch (User Cannot Link)
- [ ] Find user in database with different email
- [ ] Manually update user email to match Azure: `UPDATE user SET email = 'correct@napier.ac.uk' WHERE id = 123;`
- [ ] Ask user to login again
- [ ] Verify auto-linking in audit logs
### Issue: Client Secret Expired
- [ ] Azure Portal > App registrations > Your App > Certificates & secrets
- [ ] Generate new client secret
- [ ] Update `instance/config.py` immediately
- [ ] Restart web server
- [ ] Verify login works
- [ ] Delete old expired secret from Azure
## Success Criteria
Deployment is considered successful when:
- [ ] All users can login via Microsoft Azure AD
- [ ] New users auto-provisioned with Pilot role
- [ ] Existing users auto-linked by email match
- [ ] Audit logs show successful azure_provision and azure_link events
- [ ] No duplicate user accounts created
- [ ] Admin panel shows pending users for review
- [ ] Password change disabled for Azure-only users
- [ ] Dev bypass is disabled (returns 403)
- [ ] Zero downtime during deployment
- [ ] No rollback needed in first 7 days
- [ ] User satisfaction: < 5 support tickets in first week
## Sign-Off
### Deployment Team
| Role | Name | Sign-Off | Date |
|---|---|---|---|
| Developer | | | |
| System Administrator | | | |
| Project Manager | | | |
| Database Administrator | | | |
| Security Officer | | | |
### Deployment Completed
- Date: ______
- Time: ______
- Deployed By: ______
- Verified By: ______
### Notes
Use this space to document any issues, workarounds, or deviations from the plan:
Checklist Version: 1.0

Last Updated: 2026-02-19