Microsoft Sign In is available for sites on 4.30+  and must be implemented by Commerce Vision. Please contact us for more information.


Single sign-in using Microsoft Azure Active Directory allows your Website Users to authenticate and sign in with their Microsoft credentials. Access can be restricted, forced or granted by email address domain name. When the feature is enabled, on the login page, along with usual login to the website by email and password, sign in with Microsoft is offered. Depending on settings, the system will check whether that the login option the user selects is valid. If the Microsoft option is selected and the user is valid, the popup will ask them to grant permission to sign in and access their basic profile data. If the user is already signed into their Microsoft account at this time, they will be logged in without having to approve it,  


Let your customers use their Microsoft Azure credentials to authenticate and sign into your website.  

Step-by-step guide

This guides you through the configurations for Microsoft Azure Sign-In for your site. It also assumes you have access to the Application (Client) ID and Directory (Tenant) ID, if applicable, if these have not been entered.  

Configure Microsoft Sign-in in the CMS 

  1. In the CMS, navigate to Settings → Feature Management → User

  2. If not enabled, toggle on Third Party Login.

  3. Click Configure.

  4. Scroll down to the Microsoft section. 

  5. To enable this feature, toggle ON Enabled

  6. In Application (Client) ID, enter the application ID key, if it is not already there. 

  7. In Directory (Tenant) ID -For Single Tenant Use Only, enter the key if your application is for 'Single Tenant' (single directory), otherwise leave empty.  

  8. The Invalid User Message appears when the Microsoft User account cannot be linked to a registered User. Change the message if you require. 

  9. The Declined Consent Message appears if the User cancels the authentication process before completing the sign in. They will be returned to the login page. Change the message if you require.

  10. To specify domain-based rules, toggle ON Enable Domain Restrictions.

  11. To force users from specific domains to use Microsoft Sign In, enter each domain, then press Enter or Tab.

  12. To allow only certain domains to use Microsoft sign in, in Allowed Microsoft Sign In Domains, enter each domain, then press Enter or Tab.

  13. In Microsoft Sign In Not Allowed Message, edit the message displayed to the user when they are not permitted to use Microsoft Sign In.

  14. In Username/password Login Not Allowed Message, edit the message displayed to the user when they must use Microsoft Sign In.

  15. To save your settings, click Save or Save & Exit.

  16. Reset the dictionary to ensure changes are made live. IMPORTANT - If using Microsoft Start App, restart the application.

  17. Check Microsoft sign-in is now available on your website.

Additional Information

Microsoft Sign-In for BPD

Minimum Version Requirements



'Third Party Login' must be enabled.

Self Configurable


Business Function

Third party login

BPD Only?




Third Party Costs


Related Resources