BlackbitDevs
commented
8 months ago Here are the steps to set up Azure AD SSO login (copied from Readme - maybe I should publish this...):
Microsoft Azure Active Directory
To use Azure AD as authentication provider, you have to create a new Azure AD app:
- Log in to your Azure account and navigate to Azure Active Directory > App registrations.
- Select
+ New registrationto create a new app. - Enter a name of your choice in the
Namefield. - Set
Redirect URIto https://your-pimcore.com/sso/redirect - please replace the domain name to your real one. - Click
Register - Copy the
Application (client) IDfrom the app configuration page and paste it in the Pimcore SSO configuration's fieldClient ID. - Navigate to the app’s configuration page. If you just completed the previous step, you should already be on this page. Otherwise, search for your app name in the App registrations list.
- Select
Certificates & secrets. - Select
+ New client secret. Provide a description and an expiration length that follows your security organization’s guidelines. Then click Add. - Copy the newly-created client secret and paste it in the Pimcore SSO configuration's field
Client Secret. - In Pimcore SSO configuration, as
Discovery URLenter https://login.microsoftonline.com/[TENANT]/.well-known/openid-configuration - please replace[TENANT]with your tenant id. - In Pimcore SSO configuration, as
Scopesuseopenid,profile,email - In user field mappings assign:
| Pimcore field | Azure AD field |
|---|---|
| Username / login | unique_name |
| Given name | given_name |
| Family name | family_name |
| unique_name | |
| Groups / Roles | groups |
So to answer your question: The callback URL in the Azure app has to be https://demo.pimcore.blackbit.de/sso/redirect
I need to test SSO plugin on Your server https://demo.pimcore.blackbit.de (before we buy it) for SSO Azure Login. Can You tell me what Replay address should we set on Azure side for OpenID connection ?
We can use only domain (https://demo.pimcore.blackbit.de) or with some additional path ?
@BlackbitDevs