Configure Azure AD B2B

Azure Active Directory (Azure AD) business-to-business (B2B) allows you to share resources and collaborate with companies outside of your organization without having to manage the user identities of those external users.

For more information, see What is Azure AD B2B collaboration?

PREREQUISITES:
  • You must have an Azure AD subscription.
  • You must add Sitefinity CMS as a trusted provider in your Azure AD account.
  • You must obtain from Azure the Application ID and the Azure Domain Name.

To configure Azure AD B2B, you must configure the OpenIDConnect provider in Sitefinity CMS advanced settings.
Perform the following:

  1. In the Sitefinity CMS backend, navigate to Administration » Settings » Advanced.
  2. In the left pane, expand SecurityTokenService » AuthenticationProviders and click OpenIDConnect.
  3. Fill out the following:
    • In Client ID, enter the unique GUID which is the Application ID in Azure.
    • In Response type, enter id_token
    • In Allowed scopes, enter openid profile rememberMe email
    • In Authority, enter
      https://login.microsoftonline.com/<your Azure domain name>.onmicrosoft.com/
    • In redirectUri, enter
      http://<your Sitefinity domain>/Sitefinity/Authenticate/OpenID/signin-custom

      NOTE: The redirectUri you enter must match the reply URL you configured in the Azure application's Settings » Reply URLs section. If there is more than one URL, the redirectUri must match the first reply URL in the list.

    • In Post logout redirect URI, enter http://<your Sitefinity domain>
    • Select the Enabled checkbox.
    • In Title, enter the text that will be displayed on the login button.
    • In Auto-assigned roles, enter the roles that the user will automatically acquire after the first login.
      For example, enter Administrators
    • Select the Require email claim from this provider checkbox.
  4. Save your changes.
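
The following Python check is an added example, not Sitefinity or Microsoft code. It validates values for the step 3 fields against the rules above, including the NOTE's first-reply-URL rule. The dictionary keys, sample tenant and host names are assumptions, and the two WARN checks are hardening checks added here rather than requirements stated on this page.

```python
from urllib.parse import urlsplit

SIGNIN_PATH = "/Sitefinity/Authenticate/OpenID/signin-custom"
SCOPES = {"openid", "profile", "rememberMe", "email"}

def check_provider(cfg, reply_urls):
    """Return (level, message) findings. The cfg keys are hypothetical
    names for the step 3 fields; reply_urls is the ordered Azure list."""
    out = []
    if cfg["response_type"] != "id_token":
        out.append(("ERROR", "Response type must be id_token"))
    missing = SCOPES - set(cfg["scopes"].split())
    if missing:
        out.append(("ERROR", "Allowed scopes missing: " + " ".join(sorted(missing))))
    auth = urlsplit(cfg["authority"])
    tenant = auth.path.strip("/")
    if ((auth.scheme, auth.hostname) != ("https", "login.microsoftonline.com")
            or not tenant.endswith(".onmicrosoft.com") or "/" in tenant):
        out.append(("ERROR", "Authority is not a login.microsoftonline.com tenant URL"))
    redirect = urlsplit(cfg["redirect_uri"])
    if redirect.path != SIGNIN_PATH:
        out.append(("ERROR", "redirectUri path must be " + SIGNIN_PATH))
    # Rule from the NOTE: only the first reply URL in the list counts.
    if not reply_urls or cfg["redirect_uri"] != reply_urls[0]:
        out.append(("ERROR", "redirectUri does not match the first reply URL"))
    # Added hardening checks (assumptions of this example, not page rules).
    if redirect.scheme != "https":
        out.append(("WARN", "redirectUri uses plain http"))
    if "administrators" in [r.strip().lower() for r in cfg["auto_roles"].split(",")]:
        out.append(("WARN", "every user of this provider is auto-assigned Administrators"))
    return out

# Constructed sample values (tenant and host names are placeholders).
SAMPLE = {
    "response_type": "id_token",
    "scopes": "openid profile rememberMe email",
    "authority": "https://login.microsoftonline.com/contoso.onmicrosoft.com/",
    "redirect_uri": "http://cms.example.com/Sitefinity/Authenticate/OpenID/signin-custom",
    "auto_roles": "Administrators",
}
SAMPLE_REPLY_URLS = [
    "https://cms.example.com/Sitefinity/Authenticate/OpenID/signin-custom",
    "http://cms.example.com/Sitefinity/Authenticate/OpenID/signin-custom",
]

if __name__ == "__main__":
    for level, msg in check_provider(SAMPLE, SAMPLE_REPLY_URLS):
        print(level, msg)
```

With the sample values, the http redirectUri is registered in Azure but is second in the list, so the check reports it as a mismatch.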
