skip to Main Content

I’m tyring to setup django azure ad authentication using django-allauth but currently the documentations is not having proper documentation for setting up Azure ad.

I have client_id, secret and tenant_id with me. I have tried few configurations but it seems to be not working.
Config 1:

SOCIALACCOUNT_PROVIDERS = {
    'azure': {
        'APP': {
            'client_id': 'client_id',
            'secret': 'secret',
            'key': ''
        }
    }
}

Config 2:

SOCIALACCOUNT_PROVIDERS = {
    'azure': {
        'APP': {
            'client_id': 'client_id',
            'secret': 'secret',
            'key': '',
            'tenant_id': '',
        }
    }
}


I have experimented few more configuration but its seems to be not working
https://django-allauth.readthedocs.io/en/latest/providers.html

2

Answers


  1. As you say, the documentation is lacking on this integration. I was able to get Azure SSO working with the following configuration in settings for a single tenant app. First, make sure you have all of the following declared in INSTALLED APPS:

        "allauth",
        "allauth.account",
        "allauth.socialaccount",
        "allauth.socialaccount.providers.microsoft",
    

    Note the absence of .azure as a provider. My tests revealed that using .microsoft as the provider worked with my registered single tenant applications in Azure AD, where .azure did not, and would throw an error upon sign in. You did specify whether your app is single or multi-tenant.

    Secondly, declare your configuration as follows:

        SOCIALACCOUNT_PROVIDERS = {
            'microsoft': {
                    'tenant': secrets.AZURE_AD_TENANT_ID, 
                    'client_id': secrets.AZURE_AD_CLIENT_ID,
            }
        }
    

    secrets. is just my custom secret manager, the important part is the syntax and the IDs you pass. The ‘tenant’ here is not your subscription tenant ID, but the tenant ID that is displayed in the Overview blade of your registered application in Azure AD. The client_id is in the same Overview area, just above "Object ID" as of this writing. Note the absence of APP: {} above. This threw me at first too. I picked up a clue from this GitHub post.

    Finally, to get this to work, you must create a "Social Application" record in django-allauth’s admin panel inside the Django Admin. Give the app whatever name you want, and add both the ‘Client ID’ and the ‘Application Secret’ here from the Azure AD Registered Application.

    Login or Signup to reply.
  2. Just wanted to give an update on Milo’s answer. After some frustrated attempts of this not working, I checked in the release notes of the github project for django-allauth and noticed this comment on the 0.49.0 release:

    The Microsoft tenant setting must now be specified using uppercase TENANT.

    Simply changing the case of ‘tenant’ to ‘TENANT’ will make this work

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search