Reply address #8

Open
betterapp opened this issue Mar 12, 2024 · 1 comment
betterapp commented Mar 12, 2024

I need to test the SSO plugin on your server https://demo.pimcore.blackbit.de (before we buy it) for SSO Azure login.
Can you tell me what Reply address we should set on the Azure side for the OpenID connection?

Can we use only the domain (https://demo.pimcore.blackbit.de), or with some additional path?

@BlackbitDevs
Collaborator

Here are the steps to set up Azure AD SSO login (copied from Readme - maybe I should publish this...):

Microsoft Azure Active Directory

To use Azure AD as authentication provider, you have to create a new Azure AD app:

  1. Log in to your Azure account and navigate to Azure Active Directory > App registrations.
  2. Select + New registration to create a new app.
  3. Enter a name of your choice in the Name field.
  4. Set Redirect URI to https://your-pimcore.com/sso/redirect - please replace the domain name with your real one.
  5. Click Register
  6. Copy the Application (client) ID from the app configuration page and paste it in the Pimcore SSO configuration's field Client ID.
  7. Navigate to the app’s configuration page. If you just completed the previous step, you should already be on this page. Otherwise, search for your app name in the App registrations list.
  8. Select Certificates & secrets.
  9. Select + New client secret. Provide a description and an expiration length that follows your security organization’s guidelines. Then click Add.
  10. Copy the newly-created client secret and paste it in the Pimcore SSO configuration's field Client Secret.
  11. In Pimcore SSO configuration, as Discovery URL enter https://login.microsoftonline.com/[TENANT]/.well-known/openid-configuration - please replace [TENANT] with your tenant id.
  12. In Pimcore SSO configuration, as Scopes use openid, profile, email
  13. In user field mappings assign:

      | Pimcore field | Azure AD field |
      | --- | --- |
      | Username / login | unique_name |
      | Given name | given_name |
      | Family name | family_name |
      | Email | unique_name |
      | Groups / Roles | groups |

So to answer your question: The callback URL in the Azure app has to be https://demo.pimcore.blackbit.de/sso/redirect
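
A pre-flight check for the setup described in the comment above, as an added example that is not part of the Blackbit plugin or its Readme: it derives the Redirect URI (step 4) and Discovery URL (step 11) from their inputs and applies the step 13 field mapping to the claims of an ID token, reporting which mapped claims the token does not carry. All function names, the tenant placeholder and the sample token are constructed for illustration.

```python
import base64
import json
from urllib.parse import urlsplit

# Field mapping from step 13 (Pimcore field -> Azure AD claim).
FIELD_MAP = {"username": "unique_name", "given_name": "given_name",
             "family_name": "family_name", "email": "unique_name", "groups": "groups"}

def redirect_uri(base_url):
    """Build the callback URL from step 4: site origin + /sso/redirect."""
    parts = urlsplit(base_url)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("base URL must be an absolute https:// URL")
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        raise ValueError("pass only the site origin, without path or query")
    return f"https://{parts.netloc}/sso/redirect"

def discovery_url(tenant):
    """Build the Discovery URL from step 11 for a tenant id."""
    return f"https://login.microsoftonline.com/{tenant}/.well-known/openid-configuration"

def decode_claims(id_token):
    """Decode the JWT payload for inspection only; the signature is NOT verified."""
    payload = id_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def map_user(claims):
    """Apply FIELD_MAP; return (mapped user fields, claims absent from the token)."""
    user, missing = {}, []
    for field, claim in FIELD_MAP.items():
        if claims.get(claim) in (None, "", []):
            if claim not in missing:
                missing.append(claim)
        else:
            user[field] = claims[claim]
    return user, missing

def _sample_token(claims):
    """Constructed, unsigned token so the example runs offline."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'typ': 'JWT'})}.{enc(claims)}.constructed"

# Constructed claims: no "groups" claim, to show how a gap is reported.
SAMPLE = _sample_token({"unique_name": "jane@example.com",
                        "given_name": "Jane", "family_name": "Doe"})

if __name__ == "__main__":
    print(redirect_uri("https://demo.pimcore.blackbit.de"))
    print(discovery_url("TENANT-ID-PLACEHOLDER"))
    print(map_user(decode_claims(SAMPLE)))
```

Use the decode step only to inspect a token while debugging the mapping; the login flow itself must validate the token signature against the keys published through the discovery document.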
