Login to Sitecore instance using Azure Active Directory

Follow the steps below to integrate Sitecore Identity Server with Azure AD.

1. Create Application in Azure AD

Create an application in Azure Active Directory and, in Redirect URI, add the URL of your Sitecore Identity resource with the suffix "/signin-oidc".

Once your application has been created, go to Authentication and enable ID tokens.

Click Save, then go to Manifest and change the value of the "groupMembershipClaims" setting to "SecurityGroup". This instructs Azure AD to pass the identifiers of all Security Groups the authenticated user is a member of back to Sitecore Identity in the claims.

Click Save, then copy the Application ID and Directory (tenant) ID, which will be required in the next steps.

2. Update Sitecore Identity instance configuration

Go to the Identity service and open the /Sitecore/Sitecore.Plugin.IdentityProvider.AzureAd.xml file.

Change the Enabled node to true.

In the ClientId and TenantId nodes, paste the GUIDs copied in the step above.

3. Map group membership in Active Directory to roles in Sitecore

In this step, map an Azure Active Directory group whose members will become Administrators in our Sitecore instance.

Copy the group's Object ID, which will be required in the next steps.

Again, go to the Identity service, open the /Sitecore/Sitecore.Plugin.IdentityProvider.AzureAd.xml file and add a groups entry that contains the Object ID of our Azure AD group. This claim is passed from Azure AD to our Sitecore Identity Server, and it tells Sitecore that this user is an Administrator.

4. CM instance Configuration for Authentication

Go to the CM instance, open the Sitecore.Owin.Authentication.IdentityServer.config file located in App_Config/Sitecore/Owin.Authentication.IdentityServer and uncomment the identity provider "SitecoreIdentityServer/IdS4-AzureAd".

5. Now let's test this and log in to the Sitecore instance using Azure AD.

Enter your Azure AD credentials and your CM instance homepage will open.
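
The mapping from step 3 only takes effect when the ID token actually carries the group's Object ID in its groups claim. The Python check below is an added example, not part of the original post or of Sitecore's code; it inspects decoded claims from constructed, unsigned sample tokens and also reports the case where Azure AD omits groups and sends an overage marker (_claim_names or hasgroups) instead. The GUIDs and function names are placeholders chosen for the example.

```python
import base64
import json

def decode_claims(id_token: str) -> dict:
    """Decode the JWT payload for inspection only; no signature check is done here."""
    payload = id_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def admin_mapping_result(claims: dict, admin_group_id: str) -> str:
    """Return 'match', 'no-match' or 'overage' for the configured group Object ID."""
    groups = claims.get("groups")
    if groups is None:
        # Azure AD leaves "groups" out when the user is in too many groups and
        # sends an overage marker instead, so a groups-based mapping cannot fire.
        overage = "groups" in claims.get("_claim_names", {}) or claims.get("hasgroups")
        return "overage" if overage else "no-match"
    if isinstance(groups, str):
        groups = [groups]
    return "match" if admin_group_id in groups else "no-match"

def _constructed_token(claims: dict) -> str:
    """Build an unsigned sample token (constructed test data, not a real token)."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}."

# Constructed placeholder GUIDs; substitute the Object ID copied in step 3.
ADMIN_GROUP = "11111111-2222-3333-4444-555555555555"
OTHER_GROUP = "99999999-8888-7777-6666-555555555555"

SAMPLES = {
    "admin user": _constructed_token({"sub": "a", "groups": [OTHER_GROUP, ADMIN_GROUP]}),
    "regular user": _constructed_token({"sub": "b", "groups": [OTHER_GROUP]}),
    "overage user": _constructed_token({"sub": "c", "_claim_names": {"groups": "src1"}}),
    "implicit-flow overage": _constructed_token({"sub": "d", "hasgroups": True}),
}

def classify_samples() -> dict:
    """Classify every constructed sample against the admin group Object ID."""
    return {name: admin_mapping_result(decode_claims(tok), ADMIN_GROUP)
            for name, tok in SAMPLES.items()}

if __name__ == "__main__":
    for name, result in classify_samples().items():
        print(f"{name}: {result}")
```

An "overage" result means the user's membership cannot be read from the token, so the Administrator mapping will not apply to that login even if the user is in the group.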
I hope this information helped you. If you have any feedback, questions or suggestions for improvement please let me know in the comments section.
