Skip to content
Last update: September 16, 2024

Add Entra ID (Azure AD) as SSO Provider

Note

Azure Active Directory (Azure AD) has been renamed to Microsoft Entra ID. For the remainder of this guide, these terms are considered synonymous.

To integrate Entra ID (Azure AD) as a new SSO provider, install the Azure AD module. After that:

  1. Manage backend settings.
  2. Manage Platform settings.

Backend settings

Set up the necessary environment variables for the Frontend Application to authenticate users via Entra ID (Azure AD) authentication provider:

environment.yml
set "Azuread…Enabled=true"
set "AzureAd_ApplicationId=86d04c35-143d-4d3c-aca2-8608e2186282"
set "Azurend…TenantId=bc03e660-5e3a-45c4-bf5c-b75489f78923"
set "AzureAd…ValidateIssuer=MultitenantAzureAD"

Platform settings

Configure store settings:

  1. Click Stores in the main menu.
  2. In the next blade, select the desired store.
  3. In the next blade, click on the Authentication widget.
  4. In the next blade, enable/disable authentication types for the selected store.

    Configure authentication types

    Note

    By default, all registered authentication types are enabled.

  5. Click Save to save the changes.

The GraphQL query confirms that authentication via Entra ID (Azure AD) is enabled:

Query

The Azure AD authentication button appears on the login page of the Frontend Application:

Azure AD button

Note

If an account does not exist, clicking on the Azure Active Directory button will automatically create a new account.