Login via Azure AD (non personal accounts)
- Thread starter npole2000
- Start date
I have no experience with Azure AD, but some quick search via Google indicates that OAuth 2 should work.
As there already is an open source PHP client for Azure AD, it shouldn't bt a much effort for an experienced developer to implement the necessary classes for XenForo so Azure AD could be used as a connected account provider.
As there already is an open source PHP client for Azure AD, it shouldn't bt a much effort for an experienced developer to implement the necessary classes for XenForo so Azure AD could be used as a connected account provider.
I tried by modifying the current class (Microsoft), it only works on a certain point, but did come with no solution.
I'm not sure why it's not officially supported as Azure AD is a such important SSO.
Last time it has been asked (and without any reply) comes from 3 years ago: https://xenforo.com/community/threads/azure-ad-pass-through-auth.182677/
I'm not sure why it's not officially supported as Azure AD is a such important SSO.
Last time it has been asked (and without any reply) comes from 3 years ago: https://xenforo.com/community/threads/azure-ad-pass-through-auth.182677/
Well ...
I'd say this is the answer for your question - there just isn't that much interest / need for SSO solutions.
I could be wrong, but I think the majoriy of XenForo installations are public websites where any consumer can participate, those installations don't need nor want SSO - if anything social login (Facebook, Twiter, Microsoft, Google, etc.) is sufficent for them.
TPerry
Well-known member
In fact, with the recent actions of the illustrious Twitter, many sites are simply choosing to disable some SSO logins (specifically Twitter) since they seem to be MORE about getting more details that they can sell to others for additional profit. WHY do they need a telephone number for your developer account when it has worked fine for years without it, and WHY do they choose to disable the ability to use services such as Google Voice as a valid telephone number for their "requirement"?
I fully expect FB to implement similar restrictions in the future... and sorry, the ability for THEIR users to use existing social media accounts to log into my site does not over-ride the fact they want to harness MY data for THEIR increase in income.
I fully expect FB to implement similar restrictions in the future... and sorry, the ability for THEIR users to use existing social media accounts to log into my site does not over-ride the fact they want to harness MY data for THEIR increase in income.
Azure AD is restricted more than social, it is aimed to closed/company communities. It would open a larger audience to embrace XenForo as company tool because of the SSO (and embedded MFA), it is an opportunity. If considering that the Microsoft API is already there, I may expect that someone skilled enough with XenForo wouldn't need much effort to add it (as I said, i tried, but i got blocked mainly because of debugging: I didn't figured where I got it wrong).
I also tried to get in touch with a third party dev, but in the end I didn't liked how he asked to access our Azure AD admin interface for testing: that was a giant red flag to trust ppl....
So please, XenForo devs (or anyone that could help), consider to add it if it's not hard enough to do so.
I also tried to get in touch with a third party dev, but in the end I didn't liked how he asked to access our Azure AD admin interface for testing: that was a giant red flag to trust ppl....
So please, XenForo devs (or anyone that could help), consider to add it if it's not hard enough to do so.