Login via Azure AD (non personal accounts)


I'm trying to find a way to use our company Azure AD sub to login to our forum, however I see it only works with personal accounts, that makes it not suitable for our purpose.
So here's the question: is there a way to make this working with our business (domain) accounts?
I have no experience with Azure AD, but some quick search via Google indicates that OAuth 2 should work.

As there already is an open source PHP client for Azure AD, it shouldn't bt a much effort for an experienced developer to implement the necessary classes for XenForo so Azure AD could be used as a connected account provider.
I'm not sure why it's not officially supported as Azure AD is a such important SSO.
Well ...
Last time it has been asked [...] comes from 3 years ago
I'd say this is the answer for your question - there just isn't that much interest / need for SSO solutions.

I could be wrong, but I think the majoriy of XenForo installations are public websites where any consumer can participate, those installations don't need nor want SSO - if anything social login (Facebook, Twiter, Microsoft, Google, etc.) is sufficent for them.
In fact, with the recent actions of the illustrious Twitter, many sites are simply choosing to disable some SSO logins (specifically Twitter) since they seem to be MORE about getting more details that they can sell to others for additional profit. WHY do they need a telephone number for your developer account when it has worked fine for years without it, and WHY do they choose to disable the ability to use services such as Google Voice as a valid telephone number for their "requirement"?
I fully expect FB to implement similar restrictions in the future... and sorry, the ability for THEIR users to use existing social media accounts to log into my site does not over-ride the fact they want to harness MY data for THEIR increase in income.
Azure AD is restricted more than social, it is aimed to closed/company communities. It would open a larger audience to embrace XenForo as company tool because of the SSO (and embedded MFA), it is an opportunity. If considering that the Microsoft API is already there, I may expect that someone skilled enough with XenForo wouldn't need much effort to add it (as I said, i tried, but i got blocked mainly because of debugging: I didn't figured where I got it wrong).
I also tried to get in touch with a third party dev, but in the end I didn't liked how he asked to access our Azure AD admin interface for testing: that was a giant red flag to trust ppl....
So please, XenForo devs (or anyone that could help), consider to add it if it's not hard enough to do so.
Top Bottom