Enable signing in with a Microsoft account in Mage.
Register and use your own Mage application
Log into your Azure Portal
Click into the Microsoft Entra ID service
Navigate to the tenant you want users to sign into
Click App registrations on the left sidebar
Register a new application for Mage
http(s)://<your-mage-url>/oauth
.Create client secret for the application
Set environment variable for Mage
Name | Value |
---|---|
ACTIVE_DIRECTORY_DIRECTORY_ID | <tenant_id> |
ACTIVE_DIRECTORY_CLIENT_ID | <application_client_id> |
ACTIVE_DIRECTORY_CLIENT_SECRET | <application_client_secret> |
Use the default Mage application
Log into your Azure Portal
Click into the Microsoft Entra ID service
Navigate to the directory you want users to sign into
Click 'Properties' in the left sidebar
Copy the value under Tenant ID
Set environment variable for Mage
Name | ACTIVE_DIRECTORY_DIRECTORY_ID |
Value | <tenant_id> |
AZURE_HOST
environment variable to one of the following based on your environment:MICROSOFT_GRAPH_API_HOST
environment variable to one of the following basd on your environment:ACTIVE_DIRECTORY_ROLES_MAPPING
environment variable.
The value should be a JSON object with the AD role as the key and the name of the Mage role as the value. For example:
export ACTIVE_DIRECTORY_ROLES_MAPPING='{"Mage.Edit": "Editor", "Mage.Admin": "Admin"}'
You can find the AD role value in the App roles section of your application in the Azure Portal.