diff --git a/awx/sso/conf.py b/awx/sso/conf.py
index 651cb901ca..784c05a4bf 100644
--- a/awx/sso/conf.py
+++ b/awx/sso/conf.py
@@ -797,6 +797,68 @@ register(
     placeholder=SOCIAL_AUTH_TEAM_MAP_PLACEHOLDER,
 )
 
+###############################################################################
+# MICROSOFT AZURE ACTIVE DIRECTORY SETTINGS
+###############################################################################
+
+register(
+    'SOCIAL_AUTH_AZUREAD_OAUTH2_CALLBACK_URL',
+    field_class=fields.CharField,
+    read_only=True,
+    default=SocialAuthCallbackURL('azuread-oauth2'),
+    label=_('Azure AD OAuth2 Callback URL'),
+    help_text=_('Register an Azure AD application as described by '
+                'https://msdn.microsoft.com/en-us/library/azure/dn132599.aspx '
+                'and obtain an OAuth2 key (Client ID) and secret (Client Secret). '
+                'Provide this URL as the callback URL for your application.'),
+    category=_('Azure AD OAuth2'),
+    category_slug='azuread-oauth2',
+)
+
+register(
+    'SOCIAL_AUTH_AZUREAD_OAUTH2_KEY',
+    field_class=fields.CharField,
+    allow_blank=True,
+    label=_('Azure AD OAuth2 Key'),
+    help_text=_('The OAuth2 key (Client ID) from your Azure AD application.'),
+    category=_('Azure AD OAuth2'),
+    category_slug='azuread-oauth2',
+)
+
+register(
+    'SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET',
+    field_class=fields.CharField,
+    allow_blank=True,
+    label=_('Azure AD OAuth2 Secret'),
+    help_text=_('The OAuth2 secret (Client Secret) from your Azure AD application.'),
+    category=_('Azure AD OAuth2'),
+    category_slug='azuread-oauth2',
+)
+
+register(
+    'SOCIAL_AUTH_AZUREAD_OAUTH2_ORGANIZATION_MAP',
+    field_class=fields.SocialOrganizationMapField,
+    allow_null=True,
+    default=None,
+    label=_('Azure AD OAuth2 Organization Map'),
+    help_text=SOCIAL_AUTH_ORGANIZATION_MAP_HELP_TEXT,
+    category=_('Azure AD OAuth2'),
+    category_slug='azuread-oauth2',
+    placeholder=SOCIAL_AUTH_ORGANIZATION_MAP_PLACEHOLDER,
+)
+
+register(
+    'SOCIAL_AUTH_AZUREAD_OAUTH2_TEAM_MAP',
+    field_class=fields.SocialTeamMapField,
+    allow_null=True,
+    default=None,
+    label=_('Azure AD OAuth2 Team Map'),
+    help_text=SOCIAL_AUTH_TEAM_MAP_HELP_TEXT,
+    category=_('Azure AD OAuth2'),
+    category_slug='azuread-oauth2',
+    placeholder=SOCIAL_AUTH_TEAM_MAP_PLACEHOLDER,
+)
+
 ###############################################################################
 # SAML AUTHENTICATION SETTINGS
 ###############################################################################
diff --git a/awx/sso/fields.py b/awx/sso/fields.py
index 750516a2c8..874ec3acad 100644
--- a/awx/sso/fields.py
+++ b/awx/sso/fields.py
@@ -52,6 +52,10 @@ class AuthenticationBackendsField(fields.StringListField):
             'SOCIAL_AUTH_GITHUB_TEAM_SECRET',
             'SOCIAL_AUTH_GITHUB_TEAM_ID',
         ]),
+        ('social.backends.azuread.AzureADOAuth2', [
+            'SOCIAL_AUTH_AZUREAD_OAUTH2_KEY',
+            'SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET',
+        ]),
         ('awx.sso.backends.SAMLAuth', [
             'SOCIAL_AUTH_SAML_SP_ENTITY_ID',
             'SOCIAL_AUTH_SAML_SP_PUBLIC_CERT',