Umbraco.Community.AzureSSO 1.3.0

There is a newer version of this package available.
See the version list below for details.
dotnet add package Umbraco.Community.AzureSSO --version 1.3.0                
NuGet\Install-Package Umbraco.Community.AzureSSO -Version 1.3.0                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Umbraco.Community.AzureSSO" Version="1.3.0" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Umbraco.Community.AzureSSO --version 1.3.0                
#r "nuget: Umbraco.Community.AzureSSO, 1.3.0"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Umbraco.Community.AzureSSO as a Cake Addin
#addin nuget:?package=Umbraco.Community.AzureSSO&version=1.3.0

// Install Umbraco.Community.AzureSSO as a Cake Tool
#tool nuget:?package=Umbraco.Community.AzureSSO&version=1.3.0                

Umbraco.Community.AzureSSO

Add Azure AD SSO to Umbraco v10-11 sites. This will allow you to automatically create Umbraco user accounts for users in your AD. This will then associate the Umbraco users with groups based on their AD group, and the configuration below.

First you, or an Azure AD administration will need to create an App Registration in the Azure Portal which will be used to authenticate the site against Azure AD. Follow these instructions to setup the new App Registration

To install dotnet add package Umbraco.Community.AzureSSO

In startup.cs under ConfigureServices add:

.AddMicrosoftAccountAuthentication()

In the services.AddUmbraco bindings

For example:

var builder = services.AddUmbraco(_env, _config)
  .AddBackOffice()
	.AddWebsite()
	.AddComposers()
	.AddMicrosoftAccountAuthentication()
	.AddAzureBlobMediaFileSystem();

To configure add the following section to the root of your appsettings.json file and customise as appropriate

"AzureSSO": {
    "Credentials": {
        "Instance": "https://login.microsoftonline.com/",
        "Domain": "<domain>",
        "TenantId": "<tenantId>",
        "ClientId": "<clientId>",
        "CallbackPath": "/umbraco-microsoft-signin/",
        "SignedOutCallbackPath ": "/umbraco-microsoft-signout/",
        "ClientSecret": "<clientSecret>"
    },
    "DisplayName": "Azure AD",
    "DenyLocalLogin": true,
    "AutoRedirectLoginToExternalProvider": true,
    "TokenCacheType": "InMemory",
    "GroupBindings": {
        "<AD group>": "<umbraco group>",
        "<another AD group>": "<umbraco group>"
    },
    "SetGroupsOnLogin": true,
    "DefaultGroups": [
		"editor"
	],
    "Icon": "fa fa-lock",
    "ButtonStyle": "btn-microsoft",
},

You'll need to configure these settings based on the values in Azure:

Setting Description
Domain The value in Primary domain in the Azure Active Directory Overview
TenantId The value in Directory (tenant) ID on the app registration Overview
ClientId The value in Application (Client) ID on the app registration Overview
ClientSecret The client secret created for the app registration

You can also customise the configuration by setting these settings:

Setting Description
DisplayName The display name for use on the login button
Icon The class name for the icon to use
ButtonStyle The class name for the button style
AutoRedirectLoginToExternalProvider Automatically redirect to the external login provider
DenyLocalLogin Allow users to login via Umbraco's standard login
GroupBindings The bindings for AD group to Umbraco group
SetGroupsOnLogin Whether or not to reset the users assigned groups on each login
TokenCacheType Token Cache Type to use: InMemory, Session, Distributed (defaults to InMemory)
DefaultGroups The groups to assign to users regardless of any AD groups assigned (defaults to none)

ButtonStyle

The standard set is shown at https://lipis.github.io/bootstrap-social/

Group Bindings

To bind these you'll need to specify the active directory group and then the matching Umbraco group.

For example we use: "GIBE\Producers" : "editors" to bind everyone in the GIBE\Producers group to the Umbraco editors group.

Beware these will be reset on each login, so changing groups in umbraco will only take effect until the user next logs in. If a user is removed from an AD group they'll automatically be removed from the matching Umbraco group on next login.

Alternate Group Bindings using Group Id

If you are having problems with NET BIOS group names, you can set the groups claim in the App Registration to use Group Id rather than NetBIOSDomain\sAMAccountName

image

You can now use the guid format for the Group Id like: "xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx": "admin", "44a38651-xxxx-4c92-b1b6-51cf26ff9bab": "editor"

Product Compatible and additional computed target framework versions.
.NET net6.0 is compatible.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 is compatible.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
2.2.0 685 10/24/2024
2.1.0 1,351 8/6/2024
2.0.0 1,323 7/12/2024
1.4.0 6,780 1/12/2024
1.3.0 921 10/4/2023
1.2.0.34 2,747 6/28/2023
1.1.1.25 424 3/31/2023
1.1.0.22 208 3/30/2023
1.0.0.9 240 3/17/2023
1.0.0.8 246 3/13/2023