I’m tyring to setup django azure ad authentication using django-allauth but currently the documentations is not having proper documentation for setting up Azure ad.
I have client_id, secret and tenant_id with me. I have tried few configurations but it seems to be not working.
Config 1:
SOCIALACCOUNT_PROVIDERS = {
'azure': {
'APP': {
'client_id': 'client_id',
'secret': 'secret',
'key': ''
}
}
}
Config 2:
SOCIALACCOUNT_PROVIDERS = {
'azure': {
'APP': {
'client_id': 'client_id',
'secret': 'secret',
'key': '',
'tenant_id': '',
}
}
}
I have experimented few more configuration but its seems to be not working
https://django-allauth.readthedocs.io/en/latest/providers.html
2
Answers
As you say, the documentation is lacking on this integration. I was able to get Azure SSO working with the following configuration in settings for a single tenant app. First, make sure you have all of the following declared in
INSTALLED APPS
:Note the absence of
.azure
as a provider. My tests revealed that using.microsoft
as the provider worked with my registered single tenant applications in Azure AD, where.azure
did not, and would throw an error upon sign in. You did specify whether your app is single or multi-tenant.Secondly, declare your configuration as follows:
secrets.
is just my custom secret manager, the important part is the syntax and the IDs you pass. The ‘tenant’ here is not your subscription tenant ID, but the tenant ID that is displayed in the Overview blade of your registered application in Azure AD. Theclient_id
is in the same Overview area, just above "Object ID" as of this writing. Note the absence ofAPP: {}
above. This threw me at first too. I picked up a clue from this GitHub post.Finally, to get this to work, you must create a "Social Application" record in django-allauth’s admin panel inside the Django Admin. Give the app whatever name you want, and add both the ‘Client ID’ and the ‘Application Secret’ here from the Azure AD Registered Application.
Just wanted to give an update on Milo’s answer. After some frustrated attempts of this not working, I checked in the release notes of the github project for django-allauth and noticed this comment on the 0.49.0 release:
Simply changing the case of ‘tenant’ to ‘TENANT’ will make this work