Twitter LinkedIn

Umbraco Azure Active Directory login

  • By 3chillies
3chillies

The steps below allow your Umbraco backend users to authenticate using their Azure AD user accounts.

  1. Install Azure Active Directory IdentityExtension package into your solution

    https://www.nuget.org/packages/UmbracoCms.IdentityExtensions.AzureActiveDirectory 

  2. Configure App registration using the Azure Portal:



    Complete the App Details:



    Configure redirect URL's for all your environments (if required)



    Make a note of the Application ID and Tenant ID:



  3. Configure Umbraco Solution

    - Add the Client Id, Tenant Id and redirect URL to your AppSettings.
    - Open the App_Start/UmbracoStandardOwinStartup.cs file that was installed with the IdentityExtensions pakage
    - Underneath the call to base.Configuration(app); add the block of code that was shown in the readme shown after you installed the Nuget package which looks like this:

    app.ConfigureBackOfficeAzureActiveDirectoryAuth(
        //The Tenant can also be "YOURDIRECTORYNAME.onmicrosoft.com"
        tenant: ConfigurationManager.AppSettings["azureAd:tenantId"],
        clientId: ConfigurationManager.AppSettings["azureAd:clientId"],
        //The value of this will need to change depending on your current environment
        postLoginRedirectUri: ConfigurationManager.AppSettings["azureAd:redirectUrl"],
        //This is the same as the TenantId
        issuerId: new Guid(ConfigurationManager.AppSettings["azureAd:tenantId"]));
    Ensure that this OWIN startup class is defined in your web.config: <add key="owin:appStartup" value="UmbracoStandardOwinStartup" />

  4. Users can now link their existing profile to their Azure AD account



  5. You can configure auto linking to ensure anyone in your Azure AD can login into Umbraco without the need to add Umbraco user profiles

    https://our.umbraco.com/documentation/Reference/Security/#auto-linking-accounts-for-custom-oauth-providers

scroll back to the top of the current web page