Versions Compared

Old Version 18

changes.mady.by.user Documenter

Saved on

compared with

New Version Current

changes.mady.by.user Documenter

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Info
titlePrerequisites

Microsoft AD Sign In must be implemented by Commerce Vision. For 4.30+

Multiexcerpt include
MultiExcerptName4.29
PageWithExcerptLTS 2021 actual min. versions

Overview

Single sign-in using Microsoft Azure Active Directory allows your Website Users to authenticate and sign in with their Microsoft credentials. Access can be restricted, forced or granted by email address domain name.


Customer Experience

On the login page/popup, along with the userid/password method, sign in with Microsoft is available. If  

Image Added 

When the user selects this method, the system checks your site's settings will determine whether they can login. Unless restrictedto see if they can log in this way:

Restricted: If there is a restriction, they will be redirected to use the userid/password method.

Available: If there are no restrictions, the user can access their basic profile dataenter their Microsoft sign in details and have to approve it. If they are 're already signed into their Microsoft account at this time, they will be logged in without having to approve it,  

Image Removed 

Step-by-step guide

This guides you through the configurations for Microsoft Azure Sign-In for your site.

Before you begin: you have access to the Application (Client) ID and Directory (Tenant) ID, if applicable and these have not been entered.  

Configure Microsoft Sign-in in the CMS 

In the CMS, go to Settings → Settings → Feature Management → User
Click Configure.
Scroll down to the Microsoft section. 
Image Removed

  • To enable this feature on your site, toggle ON Enabled

    • For administrators

    Panel

    On this page:

    Table of Contents
    indent18px

    Additional Information

    Minimum Version Requirements


    Multiexcerpt
    MultiExcerptNameMinimum Version Requirements
    4.30


    Prerequisites


    Multiexcerpt
    MultiExcerptNamePre reqs

    Azure AD 


    Self Configurable


    Multiexcerpt
    MultiExcerptNameSelf Configurable

    Yes


    Business Function


    Multiexcerpt
    MultiExcerptNameBusiness Function
    Third party login


    B2B/B2C/Both


    Multiexcerpt
    MultiExcerptNameB2B/B2C/Both

    Both


    Third Party Costs


    Multiexcerpt
    MultiExcerptNameThird Party Costs

    n/a



    Step-by-step guide

    This guides you through the configurations for Microsoft Azure Sign-In for your site.

    Info
    titleBefore You Begin...

    Have at hand the Application (Client) ID and Directory (Tenant) ID (if these have not been entered).


    Configure Microsoft Sign-in

    1. In the CMS, go to Settings → Settings → Feature Management → User → Third Party Logins

    2. Click Configure.

    3. Scroll down to the Microsoft section. 
      Image Added


    4. To enable this feature on your site, toggle ON Enabled

    5. In Application (Client) ID, enter the application ID key, if it's not already there.
       

    6. In Directory (Tenant) ID -For Single Tenant Use Only, enter the key if your application is for 'Single Tenant' (single directory), otherwise leave empty.  

    7. The Invalid User Message appears when the Microsoft User account cannot be linked to a registered User. If needed, change the message to suit. 
      Image Modified

    8. The Declined Consent Message
    appears
    1. displays if the User cancels
    the authentication process
    1. before completing the
    sign in
    1. authentication. They will be returned to the login page. If needed, change the message to suit.
      Image Modified
    2. To specify domain-based rules, toggle ON Enable Domain Restrictions.

    3. To force users from specific domains to use Microsoft Sign In, enter each domain, then press Enter or Tab.

      Image Modified

    4. To allow only certain domains to use Microsoft sign in, in Allowed Microsoft Sign In Domains, enter each domain, then press Enter or Tab.

    5. In Microsoft Sign In Not Allowed Message, edit the message displayed to the user when they are not permitted to use Microsoft Sign In.

    6. In Username/password Login Not Allowed Message, edit the message displayed to the user when they must use Microsoft Sign In.

    7. To save your settings, click Save or Save & Exit.

    8. Reset the dictionary to ensure changes are made live. 

    9. IMPORTANT - If using Microsoft Start App, restart the application.

    10. Check Microsoft sign-in is now available on your website.


    Edit Login Widgets

    Edit relevant details shown to the user on:

    Go to ContentContentPages & TemplatesAccountsLogin Page  OR  Login Logout Modal Page

    Image Added


    Edit User Messages

    To edit messages displayed to the user:

    1. Go to ContentContentResources.

    2. Find the resource you want to edit. TIP - Enter 'thirdpartylogin' in Search. 
      Image Added
      List of messages resources used:

      1. rcThirdPartyLoginLinkingInfoMessage
      2. rcThirdPartyLoginMicrosoftDeclinedConsentMessage
      3. rcThirdPartyLoginMicrosoftInvalidUserMessage

      4. rcThirdPartyLoginMicrosoftSignInNotAllowedMessage

      5. rcThirdPartyLoginMicrosoftUserPassLoginNotAllowedMessage

      6. rcThirdPartyLoginRegistrationEmailAddressErrorMessage
      7. rcThirdPartyLoginRegistrationEmailAddressInfoMessage
      8. rcThirdPartyLoginRegistrationEmailAddressInvalidErrorMessage


    Related Resources

    Content by Label
    showLabelsfalse
    max10
    showSpacefalse
    excludeCurrenttrue
    cqllabel in ("user-website","social","user")= "integration" and title ~ "'microsoft'"

    Content by Label
    showLabelsfalse
    max10
    showSpacefalse
    excludeCurrenttrue
    cqllabel = "user-login" and title ~ "'login'"

    Content by Label
    showLabelsfalse
    showSpacefalse
    titleRelated widgets
    excludeCurrenttrue
    cqllabel = "widget" and text ~ "login social network"