Connect Apps to Azure Active Directory

PreviousEnterprise Login Providers NextConnect Apps to Microsoft AD FS

Last updated 10 months ago

Was this helpful?

Prerequisite

Create an Azure Active Directory (Azure AD) account

Setup a tenant by completing

Choose "Supported account type", the following options are supported:

Accounts in this organizational directory only (Contoso AD (dev) only - Single tenant)
Accounts in this organizational directory (Any Azure AD directory - Multitenant)
Accounts in this organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)

"Personal Microsoft accounts only" is not supported yet. Remember the account type chosen as this affects the configuration on Authgear portal

Configure "Redirect URI" with https://<YOUR_AUTHGEAR_ENDPOINT>/sso/oauth2/callback/azureadv2

Follow section to add a client secret. Remember to record the secret value when you add the client secret, as it will not be displayed again. This will be needed for configure OAuth client in Authgear.

Redirect URI has the form of /sso/oauth2/callback/:alias. The alias is used as the identifier of OAuth provider. You can configure the alias in Authgear Portal.

Configure Sign in with Microsoft through the portal

In the portal, go to Authentication > Social / Enterprise Login.

Enable Sign in with Microsoft

Fill in Client ID with Application (client) ID of your just created Azure AD application.

Fill in Client Secret" with the secret you get after creating a client secret for your Azure AD application.

For Tenant field:

If single tenant (first option) is chosen, fill in the Directory (tenant) ID of your Azure AD application.
If multi tenant (second option) is chosen, fill in the string literal organizations.
If multi tenant and personal account (third option) is chosen, fill in the string literal common.

Save the settings.

🎉 Done! You have just added Azure Active Directory (Azure AD) Login to your apps!

Prerequisite

Create an Azure Active Directory (Azure AD) account

Setup a tenant by completing

Choose "Supported account type", the following options are supported:

Accounts in this organizational directory only (Contoso AD (dev) only - Single tenant)
Accounts in this organizational directory (Any Azure AD directory - Multitenant)
Accounts in this organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)

"Personal Microsoft accounts only" is not supported yet. Remember the account type chosen as this affects the configuration on Authgear portal

Configure "Redirect URI" with https://<YOUR_AUTHGEAR_ENDPOINT>/sso/oauth2/callback/azureadv2

Redirect URI has the form of /sso/oauth2/callback/:alias. The alias is used as the identifier of OAuth provider. You can configure the alias in Authgear Portal.

Configure Sign in with Microsoft through the portal

In the portal, go to Authentication > Social / Enterprise Login.

Enable Sign in with Microsoft

Fill in Client ID with Application (client) ID of your just created Azure AD application.

Fill in Client Secret" with the secret you get after creating a client secret for your Azure AD application.

For Tenant field:

If single tenant (first option) is chosen, fill in the Directory (tenant) ID of your Azure AD application.
If multi tenant (second option) is chosen, fill in the string literal organizations.
If multi tenant and personal account (third option) is chosen, fill in the string literal common.

Save the settings.

🎉 Done! You have just added Azure Active Directory (Azure AD) Login to your apps!

Azure Active Directory automatically logs in to the same account without requiring a username and password. To prevent this behaviour, you can use the prompt=login parameter to force Azure Active Directory to show the login page. See our in Authgear SDKs to learn more.

Prerequisite

Configure Sign in with Microsoft through the portal

Force Login page

Prerequisite

Configure Sign in with Microsoft through the portal

Force Login page