Azure B2C Single Sign-On SSO Magento Setup Guide with OAuth OpenID Connect

The Magento OAuth/OpenID Connect Single Sign-On module enables OAuth/OpenID Single Sign-On for Magento. If you want users to log in to your Magento site with their Azure B2C credentials, you can do so with this module. Once Azure B2C is configured with the Magento module, users can SSO to your Magento site using Azure B2C.


Step 1: Download and Installation



  • You can download the miniOrange OAuth OpenID Connect SSO Free plugin from the Magento Marketplace.
  • Select Your Magento Store version from the Dropdown.
  • Click on Add to cart.
  • Go to the cart and checkout to buy the plugin.
  • Click on Download and save the miniOrange OAuth OpenID Connect SSO Plugin zip.
  • Unzip all contents of the zip inside the MiniOrange/OAuth directory.
  • Run the following commands on command prompt to enable the plugin:
      1. php bin/magento setup:upgrade
      2. php bin/magento setup:di:compile


  • Download the miniOrange OAuth OpenID Connect SSO plugin zip.
  • Go to magento root directory.
  • Create the new directories MiniOrange/OAuth inside the app/code directory.
  • Unzip all contents of the zip inside the MiniOrange/OAuth directory.
  • Run the following commands on command prompt to enable the plugin:
      1. php bin/magento setup:upgrade
      2. php bin/magento setup:di:compile

Step 2: Setup Azure Active Directory B2C as OAuth Provider

  • Sign in to Azure portal.
  • Go to Home, search for Azure B2C in the search bar and select Azure AD B2C.
  • Click on Applications and then on Add option to add a new application.
  • Configure the following options to create a new application.
    • Enter a name for your application under the Name text field.
    • Select Yes from the options in front of Web APP and No from options in front of Allow Implicit Flow.
    • Copy Callback URL from the miniOrange OAuth Client plugin (Configure OAuth tab) and save it under the Redirect URL textbox.
    • Click on the Create button to create your application.
  • Click on the Applications option under the Manage Menu in the left navigation bar and you will find your application listed there. Click on your application.
  • Copy your Application ID and save it under your Client ID textbox in your miniOrange OAuth Client plugin. Then, click on the Keys option to generate a key.
  • Click on the Generate Key option and enter key name and click on the Save option.
    • It will generate a random string which you will store as Client secret in your miniOrange OAuth Client plugin.
  • Now, go to your dashboard and go to Azure Active Directory -> Properties. Copy the Directory ID and substitute this value whenever you need to enter Tenant ID in miniOrange OAuth Client plugin.

    Step 2.2: How to create & add Policy

    • Go to User Flows tab and then click on New user flow.
    • Select the user flow type Sign up and Sign in, then click on the Create button.
    • Fill in all the information (e.g. Name, Identity providers, etc.), then click on the Create button.
    • Copy the Policy name and substitute this value whenever you need to enter Azure B2C Policy in miniOrange OAuth Client plugin.

Step 3: Configuring Magento 2 as OAuth Client

    • After successfully configuring OAuth Provider, go to OAuth Provider tab and configure OAuth Provider Name, Client ID, Client Secret, Scope and provided endpoints. (You can copy these values in STEP 2 from the application dashboard.)

      Use the endpoints below to configure the OAuth client, replacing tenant and policy with your own Azure B2C tenant and policy names:


      Scope: openid
      Authorize Endpoint: https://tenant.b2clogin.com/tenant.onmicrosoft.com/policy/oauth2/v2.0/authorize
      Access Token Endpoint: https://tenant.b2clogin.com/tenant.onmicrosoft.com/policy/oauth2/v2.0/token
      Get User Info Endpoint: https://graph.microsoft.com/v1.0/me
    • Click on the Save button to save the settings.
    • Click on the Test Configuration button.
    • You will see all the values returned by your OAuth Provider to Magento in a table. If you don't see value for First Name, Last Name, Email or Username, make the required settings in your OAuth Provider to return this information.
    • The miniOrange Premium Plugin also provides the feature to auto-redirect your users to the IdP Login Page.
    • Go to the Sign In Settings tab and check options to enable SSO on your Magento site.
    • You can map attributes in the Attribute Mapping tab. Only username and email can be mapped in the free version of the plugin. In the premium version of the plugin, you can map various attributes coming from your OAuth Provider to the attributes present in your Magento site.
    • You have successfully configured your Magento 2 as an OAuth Client. You will see the SSO button on your frontend. Click on the button and test the SSO.
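
The endpoint templates and code-flow settings from Steps 2 and 3, shown as an added Python example that is not part of the miniOrange plugin or this guide's own code: it fills in the templates, builds the authorization request with scope openid, and checks the state value when the browser returns to the Callback URL. The function names, the allowed-character rule for tenant and policy names, and any tenant, policy, client ID or callback values passed in are assumptions for illustration.

```python
import hmac
import re
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Assumption: names are limited to characters that cannot change the host or path.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_-]+$")


def b2c_endpoints(tenant, policy):
    """Fill the guide's endpoint templates with a tenant and policy name."""
    for label, value in (("tenant", tenant), ("policy", policy)):
        if not SAFE_NAME.match(value):
            raise ValueError(f"{label} contains characters that would alter the URL")
    base = f"https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0"
    return {"authorize": f"{base}/authorize", "token": f"{base}/token"}


def build_authorize_url(endpoints, client_id, redirect_uri):
    """Return (url, state) for an authorization-code request with scope openid."""
    if urlparse(redirect_uri).scheme != "https":
        raise ValueError("Callback URL must use https")
    state = secrets.token_urlsafe(32)  # stored in the session, checked on return
    query = urlencode({
        "client_id": client_id,
        "response_type": "code",  # code flow: Allow Implicit Flow is No in Step 2
        "redirect_uri": redirect_uri,
        "scope": "openid",
        "state": state,
    })
    return f"{endpoints['authorize']}?{query}", state


def code_from_callback(callback_url, expected_state):
    """Return the authorization code only if state matches the one we issued."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise ValueError(f"provider returned error: {params['error'][0]}")
    returned = params.get("state", [""])[0]
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: response does not belong to this login")
    if "code" not in params:
        raise ValueError("no authorization code in callback")
    return params["code"][0]
```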