Microsoft login setup

Setting up Social Login requires establishing a trusted relationship between Strivacity and Microsoft Azure.

Microsoft login

Microsoft requires a number of prerequisite steps to be completed before you can use Microsoft as a login provider. We explain those steps here to make it easier to onboard Microsoft Login, and provide references to the Microsoft documentation.

This process can be achieved in four steps:

Step 1: Create an Azure account with an active subscription

(You can skip this step if you already have an Azure account)

Step 2: Create an Azure AD B2C Tenant

(You can skip this step if you already have an Azure AD B2C Tenant)

Step 3: Register an application with the Microsoft Identity Platform

Here you configure Microsoft Login and choose the account types, e.g. a social (personal) Microsoft account, or use an account from Azure AD.

Step 4: Configuring Strivacity with Microsoft Login

The easiest part! These are the steps required in Strivacity once you have completed Steps 1, 2 and 3 above.

Step 1: Create an Azure Account

If you do not have an existing Azure account with an active subscription, the first step in setting up Microsoft Login is to set up an Azure account.

You can sign up for an Azure account here: https://azure.microsoft.com/en-us/free/

Once you have successfully registered an account, you can proceed below to Step 2: Create an Azure AD B2C Tenant.

Step 2: Create an Azure AD B2C Tenant

The full Microsoft tutorial and instructions on how to create an Azure AD B2C Tenant, along with guidance on troubleshooting the process, can be found here:

https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-tenant

Here is an abridged version of the steps required. If you are doing this for the first time, you may want to consult the Microsoft documentation.

1) Sign in to the Azure Portal at https://portal.azure.com/ using an Azure account that has at least the Contributor role for the subscription that you're using.

2) Use the Directory + Subscription toolbar button to select the directory that contains your active subscription, as shown below. Once the correct directory has been selected, click the + Create a resource button:

3) Next, search for Azure Active Directory B2C as shown below:

4) Next, click the Create button for Azure Active Directory B2C, as shown below:

5) Now choose whether you would like to create a new Azure AD B2C Tenant, or link this subscription to an existing Azure AD B2C Tenant. In this case, we are going to create a new Azure AD B2C Tenant:

6) Next, provide the information required to create a tenant as shown below. Once created, a confirmation screen will be shown.

7) Once the tenant has been created, you can move on to Step 3: Register an application with the Microsoft Identity Platform.

Step 3: Register an application with the Microsoft Identity Platform

The full Microsoft tutorial and instructions on how to register an application with the Microsoft Identity Platform can be found here:

https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app

1) If you are not currently logged in to Azure, log in to the Azure Portal at https://portal.azure.com using your Azure account (from Step 1, above).

2) From the hamburger navigation menu, select All services, as shown below:

3) Next, select Identity, and then App registrations, as shown below:

4) Next, select + New registration from the App registrations page as shown below:

5) Now provide a name and the scope of the supported account types depending on how you intend to use Microsoft Login in conjunction with your application.

Under Redirect URL, leave the drop-down box set to Web and enter the following URL, as shown below:

https://[Strivacity instance URL]/login/api/v1/socialCallback

6) Once completed, click the Register button at the bottom of the screen. You will then be returned to a screen showing the details of the application that you have just created, including the Application (client) ID.

Make a note of the ClientID and store it safely until needed in Step 4: Configuring Strivacity with Microsoft Login.

7) Next, still within the Strivacity application screen, click Certificates & secrets from the left-hand menu under Manage, as shown below:

8) Under Client secrets within the Certificates & secrets page, click + New client secret, as shown below:

9) Next, enter a description and choose the expiry for the client secret as shown below:

10) Once generated, make a note of the client secret and store it safely. You will need the Client Secret, along with the ClientID (from step 6 above) when configuring Strivacity.
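
Steps 5 to 10 above can also be scripted with the Azure CLI, which keeps the redirect URL free of typos and writes the client secret to a protected file instead of the screen. This is an added example, not code from Strivacity or Microsoft; the function names, the one-year secret lifetime, the secret description and the `brand.example.com` host are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example (not Strivacity's or Microsoft's code): Step 3 via the Azure CLI.
# Assumes `az login` has already been run against the tenant from Step 2.

# Build the redirect URL for a Strivacity instance. Only a bare https origin
# is accepted, because the value registered in Azure has to match exactly.
strivacity_redirect_uri() {
  local base host
  base="${1%/}"                              # tolerate one trailing slash
  case "$base" in
    https://*) ;;
    *) echo "instance URL must start with https://" >&2; return 1 ;;
  esac
  host="${base#https://}"
  case "$host" in
    ""|*/*|*\?*|*\#*|*\**|*" "*)
      echo "instance URL must be a bare host (no path, query, wildcard)" >&2
      return 1 ;;
  esac
  printf '%s/login/api/v1/socialCallback\n' "$base"
}

# Steps 5 to 10: register the app, then create a client secret.
# $1 instance URL, $2 app name, $3 supported account types (an Azure
# signInAudience value such as AzureADandPersonalMicrosoftAccount),
# $4 file that receives the client secret (created owner-readable only).
# Prints the Application (client) ID.
register_microsoft_login_app() {
  local redirect app_id
  redirect="$(strivacity_redirect_uri "$1")" || return 1
  # Token version 2 is required when the audience includes personal accounts.
  app_id="$(az ad app create --display-name "$2" \
      --sign-in-audience "$3" \
      --requested-access-token-version 2 \
      --web-redirect-uris "$redirect" \
      --query appId -o tsv)" || return 1
  ( umask 077
    az ad app credential reset --id "$app_id" --years 1 \
      --display-name "Strivacity social login" \
      --query password -o tsv > "$4" ) || return 1
  printf '%s\n' "$app_id"
}

# Usage, with hypothetical values:
#   register_microsoft_login_app https://brand.example.com \
#     "Strivacity Microsoft Login" AzureADandPersonalMicrosoftAccount ./secret.txt
```

Microsoft login stops working once the client secret passes the expiry chosen in step 9 (one year in this example), so schedule its replacement in both Azure and Strivacity ahead of that date.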

Step 4: Configuring Strivacity with Microsoft Login

Following these steps will finalize your setup for using Microsoft Login as a social login provider with Strivacity (and your application).

1) Start by logging into the Admin Console using an admin account.

2) From the left-hand menu, select External Login, then Social Login.

3) From the Social Login screen, click the + Create Provider button in the top right-hand corner, as shown below:

Social login providers screen

4) From the Create Social Login Provider screen click the Microsoft icon as shown below:

Create social login provider

5) The Create Microsoft Login Provider screen will now be displayed as shown below:

Create Microsoft login provider

6) Next, copy the ClientID and Client Secret from the Azure Portal (from steps 6 and 10 above) and paste the respective values into the ClientID and Client Secret fields. Click Save.

Strivacity will use the User (Read) attributes of the customer's profile. If you choose to synchronize and store any account profile data at each login, then Strivacity will retrieve and store this information, which will be visible to the customer in the My Account page and to any Strivacity Admins when managing the customer identity.