Azure AD B2C SSO OAuth / OpenID Connect Single Sign On into Magento | Azure AD B2C Login


Configure the Magento OAuth & OpenID Connect Single Sign-On (SSO) plugin with Azure B2C Single Sign-On (SSO). Use Microsoft Azure B2C as an OAuth and OpenID Connect provider to provide safe login into Magento. With Azure B2C Single Sign-On (SSO), your users may log in and access your Magento site by authenticating with their Azure B2C identity provider. You can also use various IDPs, such as Azure AD, Office 365, and other bespoke providers, to configure the plugin. It has powerful Single Sign-On (SSO) features like user profile attribute mapping and role mapping, among others. We'll go over how to set up Single Sign-On (SSO) for user authentication between Magento and Azure B2C in this guide.
To know more about other features we provide in Magento OAuth Single Sign-On ( OAuth & OpenID Connect Client ) plugin, you can click here.

Pre-requisites: Download and Installation

  • You can download the miniOrange OAuth OpenID Connect SSO Free plugin from the Magento Marketplace.
  • Select Your Magento Store version from the Dropdown.
  • Click on Add to cart.
  • Go to the cart and checkout to buy the plugin.
  • Click on Download and save the miniOrange OAuth OpenID Connect SSO Plugin zip.
  • Unzip all contents of the zip inside the MiniOrange/OAuth directory:
    {Root Directory of Magento}/app/code/MiniOrange/OAuth

  • Run the following commands on command prompt to enable the plugin:
      1. php bin/magento setup:upgrade
      2. php bin/magento setup:di:compile

Magento OAuth OpenID Connect SSO extension allows login (Single Sign-On) into Magento with your Azure AD, Azure B2C, AWS Cognito, WSO2, Okta, LinkedIn, Google, Facebook, Slack, Discord or other custom OAuth 2.0 providers.

 Tested with 2.4.4

Steps to configure Azure AD B2C OAuth & OpenID Single Sign-On (SSO) Login into Magento

1. Setup Azure Active Directory B2C as OAuth Provider

Follow the steps below to configure Azure AD B2C as OAuth Provider

  • Sign in to Azure portal.
  • From the Azure services menu, select Azure AD B2C.
  • Click the App registrations service in the left-hand navigation panel, then click New registration.
  • Enter the Name of the Application. Select Web from the dropdown menu and enter the Redirect URL. (You will get the redirect URL from the OAuth settings tab of the plugin). Register your application.
  • Your application is given a unique Application ID by Azure AD B2C. Copy the Application ID and the Directory ID; these will be your Client ID and Tenant ID respectively.
  • From the left navigation column, select Certificates and Secrets and then New Client Secret. Click the ADD button after entering a description and an expiration time.
  • Copy the obtained value of the generated client secret. This will be your Secret key.
  • Navigate to Azure AD B2C. Choose User flows and select New user flow from the drop-down menu.
  • Name the user flow. Choose Email Signup and click the Create button.
  • Click on your created user flow.
  • Use the name of the user flow you just created as the policy name in the appropriate endpoints.

You've successfully configured Azure AD (Active Directory) B2C as an OAuth Provider for Magento user integration using Azure AD Single Sign-On (SSO).


2. Configuring Magento 2 as OAuth Client

  • After successfully configuring the OAuth Provider, go to the OAuth Provider tab and configure the OAuth Provider Name, Client ID, Client Secret, Scope and the provided endpoints. (You can copy these values in STEP 2 from the application dashboard.)

    Please refer below Endpoints to configure the OAuth client


    Scope: openid
    Authorize Endpoint: https://{tenant-name}.b2clogin.com/{tenant-name}.onmicrosoft.com/{policy-name}/oauth2/v2.0/authorize
    Access Token Endpoint: https://{tenant-name}.b2clogin.com/{tenant-name}.onmicrosoft.com/{policy-name}/oauth2/v2.0/token
    Get User Info Endpoint: https://graph.microsoft.com/v1.0/me
  • Click on the Save button to save the settings.
  • Click on the Test Configuration button.
  • You will see all the values returned by your OAuth Provider to Magento in a table. If you don't see value for First Name, Last Name, Email or Username, make the required settings in your OAuth Provider to return this information.
  • The miniOrange Premium Plugin also provides the feature to auto-redirect your users to the IdP Login Page.
  • Go to the Sign In Settings tab and check options to enable SSO on your Magento site.
  • You have successfully configured your Magento 2 as an OAuth Client. You will see the SSO button on your frontend. Click on the button and test the SSO.
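A consistency check for the Authorize and Access Token endpoints configured above, given here as an added example that is not part of the plugin or of this guide's own material. The function names are hypothetical, and the tenant `contosob2c` and user flow `B2C_1_signupsignin` are constructed sample values.

```python
import re
from urllib.parse import urlsplit

# Endpoint templates from this guide, with {tenant-name}/{policy-name}
# renamed to valid Python format fields.
AUTHORIZE_TMPL = "https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/authorize"
TOKEN_TMPL = "https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/token"
_PATH_RE = re.compile(r"^/([^/]+)\.onmicrosoft\.com/([^/]+)/oauth2/v2\.0/(authorize|token)$")


def build_endpoints(tenant, policy):
    """Fill the guide's templates with a tenant name and user-flow (policy) name."""
    return {
        "authorize": AUTHORIZE_TMPL.format(tenant=tenant, policy=policy),
        "token": TOKEN_TMPL.format(tenant=tenant, policy=policy),
    }


def _parse(url, kind, problems):
    """Return (tenant, policy) from one endpoint URL, recording any problems."""
    if "{" in url or "}" in url:
        problems.append(f"{kind}: placeholder left unfilled")
        return None
    parts = urlsplit(url)
    if parts.scheme != "https":
        problems.append(f"{kind}: endpoint must use https")
    host = parts.hostname or ""
    m = _PATH_RE.match(parts.path)
    if not m or m.group(3) != kind or not host.endswith(".b2clogin.com"):
        problems.append(f"{kind}: does not match the expected B2C endpoint shape")
        return None
    if host[: -len(".b2clogin.com")] != m.group(1).lower():
        problems.append(f"{kind}: tenant in host and path differ")
    return m.group(1).lower(), m.group(2)


def check_endpoints(authorize, token):
    """Return a list of problems found in a configured endpoint pair."""
    problems = []
    a = _parse(authorize, "authorize", problems)
    t = _parse(token, "token", problems)
    if a and t and a != t:
        problems.append("authorize and token endpoints use different tenant or policy")
    return problems


# Constructed sample values (not from the guide).
SAMPLE = build_endpoints("contosob2c", "B2C_1_signupsignin")
```

An empty list from `check_endpoints(SAMPLE["authorize"], SAMPLE["token"])` means both URLs are filled in, use https, and point at the same tenant and user flow.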

3. Attribute / Custom Mapping (Optional). *This is a Premium feature.

  • You can map attributes in the Attribute Mapping tab. Only username and email are allowed to be mapped in the free version of the plugin. However, in the premium version of the plugin, you can map various attributes coming from your OAuth Provider to the attributes present in your Magento site.

4. Role Mapping (Optional). *This is a Premium feature.

  • You can specify a default role in the free plugin that will be allocated to all non-admin users when they conduct SSO.
  • Go to Attribute/Role mapping tab and navigate to Role Mapping section.
  • Select the Default Role and click on the Save button.

By configuring Azure AD B2C as an OAuth Provider and Magento as an OAuth Client using our Magento OAuth Client plugin, you have successfully installed Magento Azure AD (Active Directory) B2C Single Sign-On (SSO). Within minutes, you'll be able to provide safe access to your Magento site utilising Azure AD B2C login credentials thanks to this solution.

If you are looking for anything which you cannot find, please drop us an email on magentosupport@xecurify.com
