Open rugulous opened 2 years ago
Now that this page is in Vue
, it will be relatively easy to hook up the front end of this - if an email is entered that ends with "@byba.online", redirect to the oauth endpoint - so we don't even need a separate "login" button.
I'll put this in the next sprint!
Add a configurable login with Microsoft option.
Configuring:
@byba.online
emails) and grants permissionsorganization
endpoint and the following details are captured:TenantID
- this is theid
returned from the requestRealm
- this is theverifiedDomain
withisDefault = true
We don't necessarily need to show theTenantID
, but theRealm
should be an editable text field.Logging In: If
TenantID
is set then display a "Login with Microsoft" button that redirects tohttps://login.microsoftonline.com/{TenantID}/oauth2/v2.0/authorize
, so that we can log the user in.Additionally, we can use the
Realm
to detect and redirect based on the email address that the user enters - if the user entersuser@byba.online
then this could be picked up in JS and redirect to the same link but with an additionallogin_hint=${email}
- this then means that the user only needs to enter their password to complete their Microsoft login (perhaps this should be an additional config option?)In addition, the
Realm
andTenantID
parameters can be used for other integrations with theGraph API
- we don't currently use any of them, and I'm not sure that any of the other associations we are targeting have Office 365 accounts, but may be worth keeping for future developments?