Infrastructure/logto
0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2025-01-13 21:30:30 -05:00
Code Issues Activity

refactor(connector): update aad connector (#4435)

Browse source
This commit is contained in:
Gao Sun 2023-09-05 14:31:15 +08:00 committed by GitHub
parent bbdf57b369
commit c18eb490cd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
packages/connectors/connector-azuread/README.md
View file

@ -5,6 +5,7 @@ The Microsoft Azure AD connector provides a succinct way for your application to
**Table of contents**
- [Microsoft Azure AD connector](#microsoft-azure-ad-connector)
- [Set up Microsoft Azure AD in the Azure Portal](#set-up-microsoft-azure-ad-in-the-azure-portal)
- [Fill in the configuration](#fill-in-the-configuration)
- [Configure your client secret](#configure-your-client-secret)
- [Config types](#config-types)
- [References](#references)
@ -13,18 +14,27 @@ The Microsoft Azure AD connector provides a succinct way for your application to
- Visit the [Azure Portal](https://portal.azure.com/#home) and sign in with your Azure account. You need to have an active subscription to access Microsoft Azure AD.
- Click the **Azure Active Directory** from the services they offer, and click the **App Registrations** from the left menu.
- Click **New Registration** at the top and enter a description, select your **access type** and add your **Redirect URI**, which redirect the user to the application after logging in. In our case, this will be `${your_logto_origin}/callback/${connector_id}`. e.g. `https://logto.dev/callback/${connector_id}`. You need to select Web as Platform. The `connector_id` can be found on the top bar of the Logto Admin Console connector details page.
- Click **New Registration** at the top and enter a description, select your **access type** and add your **Redirect URI**, which redirect the user to the application after logging in. In our case, this will be `${your_logto_endpoint}/callback/${connector_id}`. e.g. `https://foo.logto.app/callback/${connector_id}`. (The `connector_id` can be also found on the top bar of the Logto Admin Console connector details page)
- You need to select Web as Platform.
- If you select **Sign in users of a specific organization only** for access type then you need to enter **TenantID**.
- If you select **Sign in users with work and school accounts or personal Microsoft accounts** for access type then you need to enter **common**.
- If you select **Sign in users with work and school accounts** for access type then you need to enter **organizations**.
- If you select **Sign in users with personal Microsoft accounts (MSA) only** for access type then you need to enter **consumers**.
## Configure your client secret
- In your newly created project, click the **Certificates & Secrets** to get a client secret, and click the **New client secret** from the top.
- Enter a description and an expiration.
- This will only show your client secret once. Save the **value** to a secure location.
> You can copy the `Callback URI` in the configuration section.
### Config types
## Fill in the configuration
In details page of the newly registered app, you can find the **Application (client) ID** and **Directory (tenant) ID**.
For **Cloud Instance**, usually it is `https://login.microsoftonline.com/`. See [Azure AD authentication endpoints](https://learn.microsoft.com/en-us/azure/active-directory/develop/authentication-national-cloud#azure-ad-authentication-endpoints) for more information.
## Configure your client secret
- In your newly created application, click the **Certificates & Secrets** to get a client secret, and click the **New client secret** from the top.
- Enter a description and an expiration.
- This will only show your client secret once. Fill the **value** to the Logto connector configuration and save it to a secure location.
## Config types
| Name | Type |
| ------------- | ------ |
@ -34,4 +44,4 @@ The Microsoft Azure AD connector provides a succinct way for your application to
| cloudInstance | string |
## References
* [Web app that signs in users](https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-web-app-sign-user-overview?tabs=nodejs)
* [Web app that signs in users](https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-web-app-sign-user-overview)

3
packages/connectors/connector-azuread/src/constant.ts
View file

@ -43,7 +43,8 @@ export const defaultMetadata: ConnectorMetadata = {
type: ConnectorConfigFormItemType.Text,
required: true,
label: 'Cloud Instance',
placeholder: '<cloud-instance>',
placeholder: 'https://login.microsoftonline.com',
defaultValue: 'https://login.microsoftonline.com',
},
{
key: 'tenantId',