Umbraco Azure Active Directory login
The steps below allow your Umbraco backend users to authenticate using their Azure AD user accounts.
- Install the Azure Active Directory IdentityExtensions package into your solution
https://www.nuget.org/packages/UmbracoCms.IdentityExtensions.AzureActiveDirectory
- Configure App registration using the Azure Portal:
Complete the App Details:
Configure redirect URLs for all your environments (if required)
Make a note of the Application ID and Tenant ID:
- Configure Umbraco Solution
- Add the Client Id, Tenant Id and redirect URL to your AppSettings.
- Open the App_Start/UmbracoStandardOwinStartup.cs file that was installed with the IdentityExtensions package
- Underneath the call to base.Configuration(app); add the block of code from the readme that was shown after you installed the NuGet package. It looks like this:
    // Requires: using System; using System.Configuration;
    app.ConfigureBackOfficeAzureActiveDirectoryAuth(
        //The Tenant can also be "YOURDIRECTORYNAME.onmicrosoft.com"
        tenant: ConfigurationManager.AppSettings["azureAd:tenantId"],
        clientId: ConfigurationManager.AppSettings["azureAd:clientId"],
        //The value of this will need to change depending on your current environment
        postLoginRedirectUri: ConfigurationManager.AppSettings["azureAd:redirectUrl"],
        //This is the same as the TenantId. new Guid(...) throws a FormatException
        //unless the azureAd:tenantId setting holds the GUID form of the tenant.
        issuerId: new Guid(ConfigurationManager.AppSettings["azureAd:tenantId"]));
Ensure that this OWIN startup class is defined in your web.config: <add key="owin:appStartup" value="UmbracoStandardOwinStartup" />
- Users can now link their existing profile to their Azure AD account
- You can configure auto-linking so that anyone in your Azure AD can log in to Umbraco without the need to add Umbraco user profiles
https://our.umbraco.com/documentation/Reference/Security/#auto-linking-accounts-for-custom-oauth-providers
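The following is an added example, not code from the IdentityExtensions package or its readme: a startup check for the three AppSettings read in the snippet above, which can be called just before app.ConfigureBackOfficeAzureActiveDirectoryAuth(...) so a bad value fails with a clear message. The class name AzureAdSettingsCheck and the rule that only loopback addresses may use plain HTTP are assumptions.

```csharp
using System;
using System.Configuration;

// Hypothetical helper (added example, not part of the NuGet package).
public static class AzureAdSettingsCheck
{
    public static void Validate()
    {
        var tenantId = Require("azureAd:tenantId");
        var clientId = Require("azureAd:clientId");
        var redirectUrl = Require("azureAd:redirectUrl");

        // The startup code passes this setting to new Guid(...) for issuerId,
        // so a domain-style tenant ("YOURDIRECTORYNAME.onmicrosoft.com")
        // stored under this key would throw there.
        Guid parsed;
        if (!Guid.TryParse(tenantId, out parsed))
            throw new ConfigurationErrorsException(
                "azureAd:tenantId must be the Tenant ID GUID from the App registration.");

        if (!Guid.TryParse(clientId, out parsed))
            throw new ConfigurationErrorsException(
                "azureAd:clientId must be the Application ID GUID from the App registration.");

        // The redirect URL differs per environment and has to match one of
        // the redirect URLs configured on the App registration.
        Uri uri;
        if (!Uri.TryCreate(redirectUrl, UriKind.Absolute, out uri))
            throw new ConfigurationErrorsException(
                "azureAd:redirectUrl must be an absolute URL.");

        // Assumption: plain HTTP is acceptable only for local development.
        if (uri.Scheme != Uri.UriSchemeHttps && !uri.IsLoopback)
            throw new ConfigurationErrorsException(
                "azureAd:redirectUrl must use HTTPS outside of localhost.");
    }

    // Reads an appSetting and rejects missing or blank values.
    private static string Require(string key)
    {
        var value = ConfigurationManager.AppSettings[key];
        if (string.IsNullOrWhiteSpace(value))
            throw new ConfigurationErrorsException("Missing appSetting: " + key);
        return value.Trim();
    }
}
```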