microsoft-login-connector
Web icon

Microsoft Login Connector - Traditional Web

Stable version 6.0.6 (Compatible with OutSystems 11)
Other versions available for 10
Uploaded on 29 Jun by 
4.3
 (12 ratings)
microsoft-login-connector

Microsoft Login Connector - Traditional Web

Documentation
6.0.7

6.0.5

What is the Microsoft Login Connector

All Microsoft Cloud Services including Office 365, Dynamics 365, Sharepoint among others, are protected by an OAuth authentication from Azure Active Directory. Azure AD is the identity provider, responsible for verifying the identity of users and applications that exist in an organization’s directory, and ultimately issuing security tokens upon successful authentication of those users and applications. Each external application needs to be register on Azure AD to be request an OAuth access token that will be included on each REST API request.This connector tries to abstract the complexity of the OAuth authentication needed in the authorization process to all other REST APIs from Microsoft.



Registering Connector Application on Azure and Office 365

To register the connector application on open up your azure portal  at https://portal.azure.com. If you have an office 365 package you can login to azure using your office 365 admin credentials.  In the search bar at the top of the screen type in 'App Registration' and select.  You should see the below screen.

Select  New registration indicated by the plus symbol, getting the below (obviously with your organisation being shown were Davies March is showing)


Provide a name, maybe something like 'Microsoft Auth for OutSystems' and set a redirect URI  as https://<your outSystems Server>/MicrosoftLoginConnector/CallbackPage.aspx.   (NB image is from older version of connector when the traditional web entry was called)


and hit register giving a record like the below

The client ID you will need to enter into your application is just below the display name.

To generate the secret select certificates & secrets in the second menu from the left.

select new client secret

Select how long you want the secret to last for and give it a name. This will generate the secret you need to add into your application.

Make sure you copy or note your secret as it will be stared out the next time you return to it and will need to generate a new one.


Once you have your setup established you will need to go into the Microsoft Loginconnector Management app (also on forge - https://www.outsystems.com/forge/component-overview/7716/microsoft-login-connector-management) and setup your application using the details created above. 


Azure AD Managing Outsystems Roles

If you are looking to AD to manage the roles synchronising them to your OutSystems instance then this article explains how to setup the roles on the Azure AD side.

https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/app-roles#roles-using-azure-ad-app-roles

 

Solution: 404, page not found with the CallbackPage

Should you get (in)frequent 404 page not found errors for the CallbackPage after logging in you need to do the following steps;

1. Install the Factory Configuration application and open this application on your environment(s)

2. In the tab "Shared Configuration" create a new Shared Configuration of kind "web.config_XSL"

3. Fill in a name and optionally a description

4. Add the following Value and Save the configuration

<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:output method="xml" indent="yes" encoding="UTF-8"/>
<xsl:template match="@*|node()">
<xsl:copy>
<xsl:apply-templates select="@*|node()"/>
</xsl:copy>
</xsl:template>
<xsl:template match="/configuration/system.webServer/security/requestFiltering">
<xsl:copy>
<xsl:apply-templates select="@*|node()"/>
<requestLimits maxUrl="4096" maxQueryString="2048"/>
</xsl:copy>
</xsl:template>
</xsl:stylesheet>

 5. In the tab "eSpaces" search for microsoftloginconnector

6. Select "MicrosoftLoginConnector" and/or "MicrosoftLoginConnectorReactive"

7. Select the newly created Shared Configuration in the dropdown and click on "Associate Shared Configuration"

8. Republish the Microsoft Login Connector components via Service Center