Umbraco 10 backoffice authentication with Microsoft account
Hello,
I've setup Umbraco 10 with .Net 6 and configured "MicrosoftAccount" as a BackOffice login option. I'm redirected to the Microsoft login page and able to authenticate successfully.
I've overridden the "AutoLinkOptions" to add the user to the "admin" role and set "EmailConfirmed" to true. I've verified that the user is being added to the Umbraco User table and relevant entries are being added to the ExternalLogin, User2UserGroup, and UserLogin tables as well.
However, I get a blank page in the BackOffice - network trace shows that "GetCurrentUser" call fails with 401. I also noticed that the "userDisabled" flag defaults to true in the User table (setting it to true didn't make a difference).
Any suggestions to work around this issue would be appreciated.
I also had this or a very similar issue when configuring microsoft login and auto-linking.
In my case, the context was logging into the back-office via Microsoft as someone who had no existing Umbraco User account (which with auto-linking enabled, generates a new Umbraco User with the signed in email address).
I ended up 'Logged In' to the back-office in the sense that I wasn't redirected to the login page and remained under the /umbraco path, but like you, saw various 401 errors and other than that an entirely blank page.
I found that these auto-generated Users defaulted to 'Is Approved' = No, so it would seem like I was logged in as an unapproved user and could therefore see nothing.
As a short term/manual remedy, I found I could just login as another (administrative) back-office user and mark the troublesome user account as 'Is Approved' = Yes, repeat the Microsoft sign-in and all would work as expected.
As I didn't want to have that manual step going forwards, I essentially added it programatically in the OnAutoLinking callback described here in the docs:
// Optional callback
OnAutoLinking = (autoLinkUser, loginInfo) =>
{
// You can customize the user before it's linked.
// i.e. Modify the user's groups based on the Claims returned
// in the externalLogin info
autoLinkUser.IsApproved = true;
}
Note: I could find no way to save the 'autoLinkUser' but it seems to persist anyway without me having to call a save/write, I guess a later stage of the process within core code commits this update to the users record/DB.
Umbraco 10 backoffice authentication with Microsoft account
Hello,
I've setup Umbraco 10 with .Net 6 and configured "MicrosoftAccount" as a BackOffice login option. I'm redirected to the Microsoft login page and able to authenticate successfully.
I've overridden the "AutoLinkOptions" to add the user to the "admin" role and set "EmailConfirmed" to true. I've verified that the user is being added to the Umbraco User table and relevant entries are being added to the ExternalLogin, User2UserGroup, and UserLogin tables as well.
However, I get a blank page in the BackOffice - network trace shows that "GetCurrentUser" call fails with 401. I also noticed that the "userDisabled" flag defaults to true in the User table (setting it to true didn't make a difference).
Any suggestions to work around this issue would be appreciated.
Thanks, Karthik.
Hi Karthik,
I was facing same issue in umbraco while configuring Microsoft Login.
I have tried with these steps and now it's working:
Before Linking account
After Linking Account
Thanks Niraj. I'm looking into autolinking the user so they don't have to manually go through this process.
Hi Kartihk,
I also had this or a very similar issue when configuring microsoft login and auto-linking.
In my case, the context was logging into the back-office via Microsoft as someone who had no existing Umbraco User account (which with auto-linking enabled, generates a new Umbraco User with the signed in email address).
I ended up 'Logged In' to the back-office in the sense that I wasn't redirected to the login page and remained under the
/umbracopath, but like you, saw various 401 errors and other than that an entirely blank page.I found that these auto-generated Users defaulted to 'Is Approved' = No, so it would seem like I was logged in as an unapproved user and could therefore see nothing.
As a short term/manual remedy, I found I could just login as another (administrative) back-office user and mark the troublesome user account as 'Is Approved' = Yes, repeat the Microsoft sign-in and all would work as expected.
As I didn't want to have that manual step going forwards, I essentially added it programatically in the
OnAutoLinkingcallback described here in the docs:Note: I could find no way to save the 'autoLinkUser' but it seems to persist anyway without me having to call a save/write, I guess a later stage of the process within core code commits this update to the users record/DB.
Thanks Joe. That worked! The user does get persisted when the auto-linking process completes in the core code.
Much appreciated :)
is working on a reply...