Laravel OAuth Single Sign-On (SSO) plugin gives the ability to enable OAuth Single Sign-On for your laravel applications. Using Single Sign-On you can use only one password to access your laravel application and services. Our plugin is compatible with all the OAuth compliant Identity providers. Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between Laravel and Azure B2C considering Azure B2C as OAuth provider. To know more about other features we provide in Laravel OAuth client single-sign-on-sso plugin, you can click here.

 

Installation Laravel Oauth Client Package

• Open a Command Prompt window and change the working directory to your Laravel app's main directory.
• Enter the below command.

  composer require miniorange/oauth-laravel-free

• After successful installation of package, go to your Laravel app in the browser and enter {laravel-application-domain}/mo_oauth_admin
• The package will start setting up your database for you and then redirect you to the admin registration page.
• Register or log in with your miniOrange account to configure the plugin.

• After login, you will see the OAuth provider Settings option, where you will get the Redirect/Callback URL. Keep it handy as it will be required later to configure Azure B2C Single Sign-On SSO plugin.

Steps to configure Azure B2C Single Sign-On (SSO) Login into Laravel

1. Configure Azure B2C as OAuth Provider

• Sign in to Azure portal.
• Go to Home and in the Azure services, select Azure B2C B2C.

• Please make sure you are in the Azure B2C B2C directory with an active subscription and if not, you can switch to the correct directory.

• In the Essentials tab, you will find the Azure B2C domain name, keep it handy, you will need it later for configuring the Azure B2C tenant name under Laravel as an OAuth client.
  

  What is Tenant Name?
  You will need to copy the highlighted domain name portion only in order to configure the tenant name in the Laravel OAuth Client plugin.
  Eg. If your domain name is 'exampledomain.onmicrosoft.com', then your tenant name will be 'exampledomain'.



• Now, click on App registrations and then click on the New registration option to create a new Azure b2c application.

• Configure the following options to create a new application.
• Enter a name for your application under the Name text field.
• In supported account types, select 3rd option ‘Accounts in any identity provider or organizational directory (for authenticating users with user flows)’
• In the Redirect URI section, select the Web application and enter the Callback URL from the Laravel OAuth SSO plugin and save it under the Redirect URL textbox.
• Click on the Register button to create your application.

• After successful application creation, you will be redirected to the newly created application’s overview page. If not, you can go to the app registrations and search the name of your application and you will find your application in the list.

• Copy your Application ID and keep it handy, you will need it later for configuring the Client ID under Laravel as an OAuth Client plugin.

• Now, click on Certificates and secrets and then click on New client secret to generate a client secret. Enter a description and click on the Add button.

• Copy the secret value from certificates & secrets page and keep it handy, you will need it later for configuring the Client Secret under Laravel as an OAuth Client plugin.

Step 1.1: Add Users in your b2c application

• In home page, go to the Users tab in the left corner

• Click on New user in the users page

• Select Create Azure AD B2C user. Then, scroll down and click on Email from sign in method and set your password and click create to save the user details to perform test configuration.

Step 1.2: How to create & add Azure B2C Policy

• Go to User Flows tab and then click on New user flow.

• Select a User flow type Sign up and Sign in then click on Create button.

• Fill all the information e.g. Name, Identity providers, etc. then click on Create button.

• Copy the Policy name this value whenever you need to enter Azure B2C Policy in Laravel OAuth SSO plugin.

Step 1.3: Add user claims to your application

• Go to user flows under policies in the left corner.Select the configured policy.

• Select Application claims in settings

• Select the desired attributes to be displayed on the test configuration and save it.

2. Configure Laravel OAuth plugin as OAuth Client

• Go to the miniOrange Laravel OAuth SSO package and click on Choose AzureB2C as OAuth provider.

• Enter the Client ID and Client Secret from AzureB2C Overview tab.

• Please refer the below table for configuring the Scope and Tenant and Policy or else after selecting AzureB2C scope will added automatically in there respective fields :



Scope:	openid
Tenant:	Click Here for Tenant name
Policy:	Click Here for Policy



• You can send the client credentials in header and send state parameter accordingly also enter login attribute as per your requirement.

• Click on save settings button. After that, Click on test configuration button. you will get the list of Attribute Names and Attribute Values that are sent by your OAuth provider

3. SSO Options

• You can also use a link to login via your OAuth/OpenID provider.
• This link is in the format:

  {laravel-application-domain}/ssologin.php?option=oauthredirect

4. Support / Demo

• Support and Trial/Demo Request tabs are available for customers to reach out to for demos and support.

In this Guide, you have successfully configured Azure B2C Single Sign-On (SSO) using Laravel as OAuth Client. This solution ensures that you are ready to roll out secure access to your Laravel site using Azure B2C login credentials within minutes.

Additional Resources

• Guide For Single Sign On (SSO)
• Laravel Installation