Setup user authentication using Microsoft/Azure AD
This article provides a quick start guide for adding Microsoft Login to Authress. This enables your users to login using Azure AD, Outlook, Microsoft AD, MS Live, XBox, and any other Microsoft corporate identity provider and authenticate into your software.
If you are looking to enable admin login access into the Authress Management Portal using your corporate IdP see the Authress Management Portal SSO Configuration.
In this guide we’ll set up Microsoft login. the Login with Microsoft OAuth configuration is in Azure. Setting up authentication requires the following parts:
- Authress-Microsoft OAuth configuration
- Azure Marketplace App Registration
- Testing the configuration
Prerequisite: Azure Development Account
In order to enable your users to log in with Microsoft AD, Outlook, or any of the above listed providers, you will need an Azure developer account. You can do that by Registering for an Azure account.
Authress Connection configuration
The first step is enabling the Microsoft preconfigured Authress connection in the Authress Management Portal.
You will see there are the missing fields Client ID
and Client Secret
, first we are going to get the Client ID
.
Azure App Registration
Now we can create a new App Registration. This App Registration is what your users will see when the choose to sign in with Microsoft.
Navigate to the Azure Portal and choose to create a new App Registration. Click App registrations > then click New registration.
Or click here: Create App registration
Enter a Name
and make sure to select the appropriate Supported account types
. Authress recommends:
Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)
- Set the
Redirect URI
to be your Authress Custom Domain url. This is the domain you set up in your Authress account. We'll assume for this example it ishttps://login.company.com
and therefore the redirect URI ishttps://login.company.com/login
. And then click Register. This value is available in your new Authress Connection for Microsoft in theComplete Setup
section of the connection.
And then copy this value to the App Registration in Azure:
App Client Configuration
Now that the App is created in Azure we can copy the Client ID
from the portal and store it in Authress:
App Client Secret
The next step is to generate the App Client Secret. To do that click Add a certificate or secret
in the Azure Portal:
Then click New client secret
, enter a useful description and an Expiry date, and then copy the Secret Value
(not the secret ID) back to the Authress Connection:
Validate the configuration
Now the setup is complete and you are ready to test connection. You can test the connection in the Authress Connection configuration by clicking Test Connection
:
When everything is configured correctly you'll see the test login success screen: