Using Azure AD for Authentication


Hello All,


We're trying to configure our OutSystems applications to use Azure AD based authentication. We've tried the Office365Connector, but the only response that we receive from Azure is a Tenant ID without any token to unencrypt.

Has anyone successfully used Azure AD?

Does the platform support Azure AD integration?


Kind regards,

Hélio Rocha

Hi Helio,


Looking at the Azure AD development guide, it looks like a simple and standard OAuth protocol.

And looking at the Office365Connector, it seems like a very good example of how to access it.


What does the response that you get from the GetToken call look like?



Hi Helio,


If you just want to authenticate users via Azure AD, you can also go for MicrosoftLoginConnector.


Below I am listing all the steps to implement SSO:

To implement Office 365 SSO, first you need to create an app in https://portal.azure.com.

Steps to create App in https://portal.azure.com: 

  1. Login to Azure account 

  2. Find and open Azure Active Directory on Dashboard. 

  3. In Azure Active Directory click on App Registration menu. 

  4. Click on +New application registration menu. 

  5. Enter Name, Application Type, Sign-on URL (Login URL of your website) and click on Create. 

  6. Here you can find the Application ID (Client ID). 

  7. Enter the Home page URL of your website in: Settings → Properties → Home Page URL 

  8. Create a Secret Key in: Settings → Keys → Password section → enter Description & Duration and click on the Save button to generate the Secret Key. 

  9. Enter Reply URLs in: Settings → Reply URLs. 



 
Steps to implement SSO in OutSystems: 

  1. Install MicrosoftLoginConnector from Forge.  


https://www.outsystems.com/forge/component/3275/microsoft-login-connector/?Unfollow=False 


  2. Open MicrosoftLoginConnector in Service Studio. 

  3. In the Modules section you will find 2 modules: 

    1. MicrosoftLoginConnector 

    2. Microsoft_StringUtils (extension) 

  4. Open the MicrosoftLoginConnector module. 

  5. Create a link on the Login page and set its destination to CommonFlow\OAuthLogin. 

  6. CommonFlow\OAuthLogin requires 5 input parameters, so you need to set the parameter values. 

    1. OriginalURL: URL of the page where the user is going to be redirected after being logged in. 

    2. Resource: 
         - Only for Login with Microsoft, use the "https://graph.windows.net" value. 

    3. Scope: Impersonation permissions granted to the client application. The default permission is user_impersonation. The owner of the secured resource can register additional values in Azure AD. 

    4. Client Id - Get from Azure Settings. The Application Id that the registration portal assigned your app. 

    5. ClientSecret - Get from Azure Settings. The application secret that you created in the app registration portal for your app.  

  7. In the CallbackPage screen's Preparation you will get all the response data. 


Let me know if you need any more help.


Regards,

Afaque Shaikh
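
The settings listed above (Client Id, ClientSecret, Resource, Reply URL, OriginalURL) feed a standard OAuth authorization-code exchange. The sketch below is an added example, not part of the original posts and not the connector's own code: it builds the Azure AD v1 authorize request, then validates the callback by checking `state` and restricting OriginalURL to the application's own host before preparing the token request. The tenant, client ID, host names and function names are constructed placeholders.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

AUTHORITY = "https://login.microsoftonline.com"      # Azure AD v1 endpoints
TENANT = "contoso.example"                           # placeholder tenant (assumption)
CLIENT_ID = "00000000-0000-0000-0000-000000000000"   # placeholder Application ID
REPLY_URL = "https://app.example.com/Callback"       # placeholder registered Reply URL
RESOURCE = "https://graph.windows.net"               # value given in the post
APP_HOST = "app.example.com"                         # placeholder application host

def safe_original_url(original_url, default="/"):
    """Accept only same-site targets so OriginalURL cannot become an open redirect."""
    if any(ord(c) <= 0x20 for c in original_url):    # control chars / whitespace tricks
        return default
    parts = urlsplit(original_url)
    if parts.scheme or parts.netloc:                 # absolute or protocol-relative URL
        ok = parts.scheme == "https" and parts.netloc == APP_HOST
        return original_url if ok else default
    if original_url.startswith("/") and not original_url.startswith("/\\"):
        return original_url                          # rooted relative path
    return default

def begin_login(session, original_url):
    """Build the authorize redirect; bind state and the return URL to the session."""
    session["oauth_state"] = secrets.token_urlsafe(32)
    session["return_to"] = safe_original_url(original_url)
    query = urlencode({"client_id": CLIENT_ID, "response_type": "code",
                       "redirect_uri": REPLY_URL, "resource": RESOURCE,
                       "state": session["oauth_state"]})
    return f"{AUTHORITY}/{TENANT}/oauth2/authorize?{query}"

def handle_callback(session, callback_url, client_secret):
    """Validate the callback; return (token_endpoint, form_body, return_to)."""
    params = {k: v[0] for k, v in parse_qs(urlsplit(callback_url).query).items()}
    expected = session.pop("oauth_state", None)      # single use: a replay fails
    got = params.get("state", "")
    if not expected or not hmac.compare_digest(got.encode(), expected.encode()):
        raise ValueError("state mismatch: callback not tied to this session")
    if "error" in params or "code" not in params:
        raise ValueError("authorization failed: " + params.get("error", "no code"))
    # The secret is only ever sent server-to-server in this POST body.
    form = {"grant_type": "authorization_code", "code": params["code"],
            "client_id": CLIENT_ID, "client_secret": client_secret,
            "redirect_uri": REPLY_URL, "resource": RESOURCE}
    return f"{AUTHORITY}/{TENANT}/oauth2/token", form, session.pop("return_to", "/")
```

The returned form is what the server would POST to the token endpoint; a callback that carries only tenant information and no `code` fails here with an explicit error instead of passing silently.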