Prerequisites
Microsoft AD Sign In must be implemented by Commerce Vision. For 4.30+
Overview
Single sign-in using Microsoft Azure Active Directory allows your Website Users to authenticate and sign in with their Microsoft credentials. Access can be restricted, forced or granted by email address domain name.
Customer Experience
On the login page/popup, along with the userid/password method, sign in with Microsoft is available.
When the user selects this method, the system checks your site's settings to see if they can log in this way:
Restricted: If there is a restriction, they will be redirected to use the userid/password method.
Available: If there are no restrictions, the user can enter their Microsoft sign in details and have to approve it. If they're already signed into their Microsoft account, they will be logged in without having to approve it,
For administrators
On this page:
Additional Information
| Minimum Version Requirements |
|
|---|---|
| Prerequisites |
|
| Self Configurable |
|
| Business Function |
|
| B2B/B2C/Both |
|
| Third Party Costs |
|
Step-by-step guide
This guides you through the configurations for Microsoft Azure Sign-In for your site.
Before You Begin...
Have at hand the Application (Client) ID and Directory (Tenant) ID (if these have not been entered).
Configure Microsoft Sign-in
In the CMS, go to Settings → Settings → Feature Management → User → Third Party Logins
Click Configure.
Scroll down to the Microsoft section.
To enable this feature on your site, toggle ON Enabled.
- In Application (Client) ID, enter the application ID key, if it's not already there.
In Directory (Tenant) ID -For Single Tenant Use Only, enter the key if your application is for 'Single Tenant' (single directory), otherwise leave empty.
The Invalid User Message appears when the Microsoft User account cannot be linked to a registered User. If needed, change the message to suit.
- The Declined Consent Message displays if the User cancels before completing the authentication. They will be returned to the login page. If needed, change the message to suit.
- To specify domain-based rules, toggle ON Enable Domain Restrictions.
To force users from specific domains to use Microsoft Sign In, enter each domain, then press Enter or Tab.
To allow only certain domains to use Microsoft sign in, in Allowed Microsoft Sign In Domains, enter each domain, then press Enter or Tab.
In Microsoft Sign In Not Allowed Message, edit the message displayed to the user when they are not permitted to use Microsoft Sign In.
In Username/password Login Not Allowed Message, edit the message displayed to the user when they must use Microsoft Sign In.
To save your settings, click Save or Save & Exit.
Reset the dictionary to ensure changes are made live.
IMPORTANT - If using Microsoft Start App, restart the application.
Check Microsoft sign-in is now available on your website.
Edit Login Widgets
Edit relevant details shown to the user on:
- the Login Page: the Login Widget
- Login / Logout popup: the Login / Logout Widget.
Go to Content → Content → Pages & Templates → Accounts → Login Page OR Login Logout Modal Page
Edit User Messages
To edit messages displayed to the user:
- Go to Content → Content → Resources.
- Find the resource you want to edit. TIP - Enter 'thirdpartylogin' in Search.
List of messages resources used:
- rcThirdPartyLoginLinkingInfoMessage
- rcThirdPartyLoginMicrosoftDeclinedConsentMessage
- rcThirdPartyLoginMicrosoftInvalidUserMessage
rcThirdPartyLoginMicrosoftSignInNotAllowedMessage
rcThirdPartyLoginMicrosoftUserPassLoginNotAllowedMessage
- rcThirdPartyLoginRegistrationEmailAddressErrorMessage
- rcThirdPartyLoginRegistrationEmailAddressInfoMessage
- rcThirdPartyLoginRegistrationEmailAddressInvalidErrorMessage
Related Resources
There is no content with the specified labels
