I am investigating how to use Azure AD to authenticate platform users in OutSystems.

I cannot find a LifeTime plugin component in the Forge that does this.

I can find one that works for end-users, and I see there is an OutSystems document and a SOAP API that can be used to create this plugin:


So, I think I can build it myself.

My question is if anybody already done this and got it working? If so, if you are willing to share this knowledge with me.

Kind regards,


So to make sure. You want to use Azure AD to authenticate for access to Lifetime. Not for authentication to your own made applications?  

For the first, I can't help you with that. For the latter you could use Idp: https://www.outsystems.com/forge/component-overview/599/idp

Hi Vincent,

Indeed need it for authenticating access to the platform (Service Studio, Service Center, LifeTime). 

For end-users there are already several Forge components that can be used to implement it, as I already noted in my original post.



Hi Daniel,

At OutSystems' Digital team we've created a component specific for that. 

The component is based on Idp but very customized to integrate with azure AD and implements the lifetime SDK so it's a proper authentication provider that you can use on lifetime

If you can wait a couple of weeks I may be able to release a forge component with it (first I have to clean a few internal dependencies).

I'm unsure if it covers 100% of your needs but you can at least use it as a starting point.

I'll let you know here once I'm able to release it.



Hello Guilherme,

That looks very promising!.

Yes, I can wait a few weeks. 

I am basically looking to the functionality provided by the https://www.outsystems.com/forge/component-overview/1473/Sync+AD+Auth+Provider/ component but then with authentication using Azure AD.

This plugin, besides doing credential validation to authenticate the user, also:

  • creates/updates users in the OutSystems platform user and 
  • configures Lifetime roles based on existing AD groups. 
  • The automatic synchronization process takes place during users login, ensuring users will always have their roles up-to-date.

These features are really nice, but even if not available (initially) in your plugin would be very useful i think.



Hi Daniel,

They are :)

The plugin automatically creates the user an grants a specific role (Configurable on the plugin page itself).

It also allows restricting access to users that are members of a specific group on the Azure AD.

I'll let you know once I can clean it up and release it.



Great, you made my day! can't wait to get my hands on it!,

Hi Daniel,

As promised I've just released the component we've talked about. You can find it here: https://www.outsystems.com/forge/component-overview/5228/azure-authentication-provider

You can also find the configuration instructions (quite a long post) here: https://www.outsystems.com/forums/discussion/44819/azure-authentication-provider-setup-and-configuration/

I hope this helps you at least get started with the approach.



Hi Guilherme,

Great news, I will look at it today.



Another "You ask, we deliver" form the OutSystems dev team :-)