Azure AD Single Sign-On SSO Magento Setup Guide with OAuth OpenID Connect

The Magento OAuth/OpenID Connect Single Sign-On module enables OAuth/OpenID Connect Single Sign-On (SSO) for Magento. If you want users to log in to your Magento site with their Azure AD credentials, you can do so with our Magento OAuth/OpenID Connect Single Sign-On module. Once you configure Azure AD with the Magento module, users can SSO to your Magento site using Azure AD. To learn more about the other features we provide in the Magento OAuth/OpenID Connect Single Sign-On module, you can click here.


Step 1: Download and Installation



  • You can download the miniOrange OAuth OpenID Connect SSO Free plugin from the Magento Marketplace.
  • Select Your Magento Store version from the Dropdown.
  • Click on Add to cart.
  • Go to the cart and checkout to buy the plugin.
  • Click on Download and save the miniOrange OAuth OpenID Connect SSO Plugin zip.
  • Unzip all contents of the zip inside the MiniOrange/OAuth directory.
  • Run the following commands at the command prompt to enable the plugin:
      1. php bin/magento setup:upgrade
      2. php bin/magento setup:di:compile


  • Download the miniOrange OAuth OpenID Connect SSO plugin zip.
  • Go to magento root directory.
  • Create the new directories MiniOrange/OAuth inside the app/code directory.
  • Unzip all contents of the zip inside the MiniOrange/OAuth directory.
  • Run the following commands at the command prompt to enable the plugin:
      1. php bin/magento setup:upgrade
      2. php bin/magento setup:di:compile

Step 2: Setup Azure Active Directory as OAuth Provider

  • Sign in to Azure portal.
  • Click on App Services and go to Manage Azure Active Directory.
  • In the left-hand navigation pane, click the App registrations service, and click New registration.
  • Copy Callback URL from the miniOrange OAuth Client plugin (Configure OAuth tab) and save it under the Redirect URL textbox.
  • When finished, click Register. Azure AD assigns a unique Application ID to your application. Copy the Application ID and the Directory ID; these will be your Client ID and Tenant ID.
  • Go to Certificates and Secrets in the left navigation pane and click New Client Secret. Enter a description and expiration time, then click the Add option.
  • Copy the value. This will be your Secret key.
  • Enter your application's home page URL as the Logout URL under Settings->Properties->Logout URL.

Step 3: Configuring Magento 2 as OAuth Client

  • After successfully configuring the OAuth Provider, go to the OAuth Provider tab and configure the OAuth Provider Name, Client ID, Client Secret, Scope and the endpoints provided below. (You can copy these values from the application dashboard in Step 2.)

    Refer to the endpoints below to configure the OAuth client, replacing tenant-id with the Tenant ID copied in Step 2:

    Scope: openid
    Authorize Endpoint: https://login.microsoftonline.com/tenant-id/oauth2/authorize
    Access Token Endpoint: https://login.microsoftonline.com/tenant-id/oauth2/token
    Get User Info Endpoint: https://login.windows.net/common/openid/userinfo
  • Click on the Save button to save the settings.
  • Click on the Test Configuration button.
  • You will see all the values returned by your OAuth Provider to Magento in a table. If you don't see a value for First Name, Last Name, Email or Username, make the required settings in your OAuth Provider to return this information.
  • The miniOrange Premium Plugin also provides the feature to auto-redirect your users to the IdP Login Page.
  • Go to the Sign In Settings tab and check the options to enable SSO on your Magento site.
  • You can map attributes in the Attribute Mapping tab. Only username and email can be mapped in the free version of the plugin. In the premium version of the plugin, you can map various attributes coming from your OAuth Provider to the attributes present in your Magento site.
  • You have successfully configured your Magento 2 as an OAuth Client. You will see the SSO button on your frontend. Click on the button and test the SSO.
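
A pre-flight check for the Step 3 values, as an added example that is not part of the miniOrange plugin or of this guide: it fills the tenant-id placeholder into the endpoints listed above, flags values that would break the login (such as a placeholder left in place), and builds the authorization request. The function names, sample GUIDs, secret and callback URL are constructed assumptions; the state parameter is standard OAuth 2.0, not something the guide describes.

```python
import re
from urllib.parse import urlencode, urlparse

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")

def endpoints(tenant_id):
    """Step 3 endpoint URLs with the tenant-id placeholder filled in."""
    base = f"https://login.microsoftonline.com/{tenant_id}/oauth2"
    return {"authorize": base + "/authorize",
            "token": base + "/token",
            "userinfo": "https://login.windows.net/common/openid/userinfo"}

def validate(cfg):
    """Return a list of problems in the values typed into the plugin."""
    problems = []
    for name in ("client_id", "tenant_id"):
        if not GUID.match(cfg.get(name, "")):
            problems.append(f"{name}: not a GUID (placeholder left in?)")
    if not cfg.get("client_secret"):
        problems.append("client_secret: empty")
    if "openid" not in cfg.get("scope", "").split():
        problems.append("scope: must include openid")
    cb = urlparse(cfg.get("callback_url", ""))
    if not cb.netloc or (cb.scheme != "https" and cb.hostname != "localhost"):
        problems.append("callback_url: must be absolute and https")
    if cb.fragment or "*" in cfg.get("callback_url", ""):
        problems.append("callback_url: no fragment or wildcard allowed")
    return problems

def authorize_url(cfg, state):
    """Authorization-code request (RFC 6749) sent to the authorize endpoint."""
    query = urlencode({"response_type": "code",
                       "client_id": cfg["client_id"],
                       "redirect_uri": cfg["callback_url"],
                       "scope": cfg["scope"],
                       "state": state})  # state ties the callback to this login
    return endpoints(cfg["tenant_id"])["authorize"] + "?" + query

# Constructed sample values; none of them come from the guide or a real tenant.
SAMPLE = {
    "client_id": "11111111-2222-3333-4444-555555555555",
    "tenant_id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
    "client_secret": "constructed-secret-value",
    "scope": "openid",
    "callback_url": "https://shop.example.com/constructed/callback",
}

if __name__ == "__main__":
    print(validate(SAMPLE) or "configuration looks consistent")
    print(validate({**SAMPLE, "tenant_id": "tenant-id"}))
    print(authorize_url(SAMPLE, "constructed-state-123"))
```

The redirect_uri in the request has to match the Callback URL registered in Step 2 exactly, so compare the printed URL against the value saved in the Azure portal.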