Add Entra ID (Azure AD) as SSO Provider¶
Note
Azure Active Directory (Azure AD) has been renamed to Microsoft Entra ID. For the remainder of this guide, these terms are considered synonymous.
To integrate Entra ID (Azure AD) as a new SSO provider, install the Azure AD module. After that:
Backend settings¶
Set up the necessary environment variables for the Frontend Application to authenticate users via Entra ID (Azure AD) authentication provider:
set "Azuread…Enabled=true"
set "AzureAd_ApplicationId=86d04c35-143d-4d3c-aca2-8608e2186282"
set "Azurend…TenantId=bc03e660-5e3a-45c4-bf5c-b75489f78923"
set "AzureAd…ValidateIssuer=MultitenantAzureAD"
Platform settings¶
Configure store settings:
- Click Stores in the main menu.
- In the next blade, select the desired store.
- In the next blade, click on the Authentication widget.
-
In the next blade, enable/disable authentication types for the selected store.
Note
By default, all registered authentication types are enabled.
-
Click Save to save the changes.
The GraphQL query confirms that authentication via Entra ID (Azure AD) is enabled:
The Azure AD authentication button appears on the login page of the Frontend Application:
Note
If an account does not exist, clicking on the Azure Active Directory button will automatically create a new account.