Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at

  • Hugh 30 posts 64 karma points
    Oct 14, 2017 @ 11:24

    Azure Active Directory Issue

    We have a site in Azure that has Azure AD setup on the front end. This requires the user to login in with their Azure Active Directory account to view the front end. This all works well out of the box with Azure config and no additional customisation of Umbraco.

    However; we also want to give access to users to Umbraco Backend using their AD account. I have setup and configured UmbracoCms.IdentityExtensions.AzureActiveDirectory perfectly. And this works like a charm, but only when the front end is not setup to use Azure AD. As soon as we turn on that in Azure, the users can not authenticate to the BackEnd.

    Has anyone seen this before?

  • Jonas Söderström 8 posts 78 karma points
    Apr 29, 2019 @ 09:59
    Jonas Söderström

    Hugh, Did you manage to solve this? We have the same requirements but were struggling to get it to work

  • Magic Mike 3 posts 73 karma points
    Nov 20, 2020 @ 12:49
    Magic Mike

    Jonas, did you solve this, we are also struggling to set this up.

  • Paul 18 posts 98 karma points
    Nov 23, 2020 @ 15:26

    I also want to set this up, so bump :)

  • organic 108 posts 157 karma points
    Jan 27, 2021 @ 01:40

    This is what I'm trying to do, as well. I have several sites using Azure AD for Umbraco users on the Admin side. For that I followed: and

    And I've managed to get a sample of the front side AAD login working in a sample following -

    But the two seem mutually exclusive because they each configure IAppBuilder app differently, specifically, the .RedirectUri's are different and back office configuration sets OpenIdConnectAuthenticationOptions.SignInAsAuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType


  • organic 108 posts 157 karma points
    Jan 27, 2021 @ 16:45

    I have not tried this yet, but here is Shannon's response:

    yes it's possible, you will need to have your owin startup cater for all scenarios, there's no package OOTB that will configure this for you so you will need to merge the required package settings from UmbracoIdentity and UmbracoCms.IdentityExtensions

    Members and Users in umbraco are separate. So if you are planning on using the same AAD for both, Umbraco will still treat them differently and store the results differently. You will need bothUmbracoIdentity (for members) and UmbracoCms.IdentityExtensions (for users)

Please Sign in or register to post replies

Write your reply to: