Connect Apps to Azure Active Directory
Prerequisite
Create an Azure Active Directory (Azure AD) account here
Setup a tenant by completing Quickstart: Set up a tenant
Register an application by completing Quickstart: Register an application with the Microsoft identity platform
Choose "Supported account type", the following options are supported:
Accounts in this organizational directory only (Contoso AD (dev) only - Single tenant)
Accounts in this organizational directory (Any Azure AD directory - Multitenant)
Accounts in this organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)
"Personal Microsoft accounts only" is not supported yet. Remember the account type chosen as this affects the configuration on Authgear portal
Configure "Redirect URI" with
https://<YOUR_AUTHGEAR_ENDPOINT>/sso/oauth2/callback/azureadv2
Follow this section to add a client secret. Remember to record the secret value when you add the client secret, as it will not be displayed again. This will be needed for configure OAuth client in Authgear.
Redirect URI has the form of /sso/oauth2/callback/:alias
. The alias
is used as the identifier of OAuth provider. You can configure the alias
in Authgear Portal.
Configure Sign in with Microsoft through the portal
In the portal, go to Authentication > Social / Enterprise Login.
Enable Sign in with Microsoft
Fill in Client ID with Application (client) ID of your just created Azure AD application.
Fill in Client Secret" with the secret you get after creating a client secret for your Azure AD application.
For Tenant field:
If single tenant (first option) is chosen, fill in the Directory (tenant) ID of your Azure AD application.
If multi tenant (second option) is chosen, fill in the string literal
organizations
.If multi tenant and personal account (third option) is chosen, fill in the string literal
common
.
Save the settings.
🎉 Done! You have just added Azure Active Directory (Azure AD) Login to your apps!
Force Login page
Azure Active Directory automatically logs in to the same account without requiring a username and password. To prevent this behaviour, you can use the prompt=login
parameter to force Azure Active Directory to show the login page. See our guide on using the prompt=login parameter in Authgear SDKs to learn more.
Last updated