Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Ayo Adesina 419 posts 1001 karma points
    Dec 20, 2019 @ 16:05
    Ayo Adesina
    0

    Configuring Azure Active Directory login with Umbraco

    I have sucessfully configured umbraco to use Azure Active Directory, following this guide:

    https://shazwazza.com/post/configuring-azure-active-directory-login-with-umbraco/

    However, when I go to /umbraco/ I see a button to login in with my AD credentials, but I can also still log in using the default login provider: enter image description here

    It also seems that before you can login with the AD credentials you have to link it to your 'normal login'

    My question is how do I configure umbraco so it uses ONLY Azure Active Directory, in addition is there a way to avoid the user having to have a 'normal' account before they can login to the back office with there AD credentials?

  • Gerhard Grossberger 39 posts 142 karma points
    Aug 20, 2020 @ 08:50
    Gerhard Grossberger
    0

    We did a similar thing, so the user has to login once - and as soon as he is registered with AD, we reset the password for Umbraco so he can only use AD going forward. Not the best solution, but it works.

  • Ben Duguid 11 posts 84 karma points
    1 week ago
    Ben Duguid
    0

    Rather belatedly - you need to hook up the Auto-Linking features on the Identity provider - this is referenced at the end of Shannon's guide without any further details.

    I wrote up my experiences with Azure AD and auto linking on my blog here:

    https://doodle.uk/blogs/2019/06/21/setting-up-umbraco-azure-ad-authentication

    To fully remove the ability to log in with a username and password, you'll need to remove those fields from the login page - I recommend a simple plugin that replaces the login control with one with just the External Providers controls so that you still have a simple upgrade path. Do note though that if your users have already created accounts with their email addresses, you'll need to get them to link their accounts before you remove the login form, as the auto-linker will complain that there is already an account for that email address.

Please Sign in or register to post replies

Write your reply to:

Draft