
Backend Single Sign On with Microsoft Azure

SKU
Backend Single Sign On with Microsoft Azure
€199.00

Allow your Magento 2 backend users to log in directly with Microsoft Azure without having to go through the account creation process. Your user management will be directly linked to your Magento 2 administration.

When your users go to the login page, they will see the option to log in with Single Sign-On. They simply click the button and, after logging in, they are redirected to the admin dashboard. If the user does not exist, a user will be created automatically. The user will be given a default role unless you have mapped Azure Groups to Magento Groups in the backend to provision the user with another role.

You can have your users connect to your Single Sign-On environment in no time, drastically strengthen your security policies and work with a single identity in your corporate environment.


Compatibility Details

Magento 2.4.X

Extension v1.0
Installation Instructions
composer require gogento/sso-azure-backend "^240.1"

Single Sign-On with Microsoft Azure for your Magento 2 Backend

Our Single Sign-On solutions have been implemented in hundreds of webshops worldwide, including Nokia, Canon, Castrol, Pearson, Dentons and numerous more. We have learned from every one of these implementations, and you profit directly from that experience.


Extension Key Features

Single Sign-On

The user logs in at the identity provider, and the method used no longer matters to the webshop itself. It does not matter whether it is password authentication, biometric, voice-activated, keycoded or multi-factor. The Identity Provider manages the login credentials.

Single Logout

When the user logs in with Single Sign-On, it's possible to tell the Identity Provider upon logout to terminate any open sessions. This results in a global logout on all websites where the user is logged in. This feature can be enabled separately.

Fully Pre-Configured for Microsoft Azure

The extension is fully pre-configured so that you only have to fill in connection details and the rest will flow automatically. No manual mappings, no rocket science. Just install, follow the manual and you will have this integration running in a matter of minutes.

Dynamic Group Assignment

You can select a default group which a user will get after logging in. You can also map any additional groups you have in Azure to the groups that you have in Magento so that the user is assigned to the proper group on logging in.

Backend Firewall

Some companies don't want their admin to be visible to users prior to logging in. You can make your website a private website which will immediately redirect to the linked identity provider. After logging in, the user can see the admin dashboard.

Firewall Whitelisting

There are situations where you want pages to be visible to anyone, for example contact or help pages. You can set pages to be whitelisted and you can maintain a list of IPs which are not affected by the frontend firewall so they can navigate the website without having to log in.




What is Microsoft Azure

Microsoft Azure is an enterprise solution which includes identity management for your employees, business relations and other involved parties.

You maintain all your users in one central location while Magento integrates with it and synchronizes the settings needed to log in.

It supports several Single Sign-On protocols, with SAML2 being the most secure and reliable solution. They also support the WS-Federation and OAuth2 protocols.

Our integration uses the SAML2 protocol to create the most stable and feature rich solution available.


Very simple setup

You can get started with a very simple setup. Since our extension comes preconfigured, you only need to set up the fundamentals for it to work.

Customizable in minutes

Our extension is customizable in minutes! It may seem that the extension is very basic, but nothing could be further from the truth. The interface is kept basic to prevent problems with the integration, but extending the functionality and the mappings of the extension is very simple.


A Selection of Identity Providers We Work With


Microsoft Azure Integration

The newer version of Microsoft Active Directory exposure has simplified the integration a lot for both sides of the connection. Being less strict and easier to set up, an integration with Azure is equal to that of ADFS. It's a new interface built on top of the old Active Directory Federation Services.


Microsoft ADFS Integration

The original integration with ADFS is simply the process of setting the right metadata URLs, certificates and attributes on both sides. After that it's a very reliable and consistent integration using the super secure SAML2 protocol.



OneLogin Integration

OneLogin has excellent SAML2 support and has a broad spectrum when it comes to mapping the data from your Identity Management to Magento 2. A straightforward but fully functional solution which a multitude of our customers use.


ForgeRock Integration

Formerly known as OpenAM, this identity provider is very suitable for large enterprises. We've implemented OpenAM and ForgeRock for a large Australian client in no time.

Auth0 Integration

A large selection of our customers use Auth0 for both their production environments and for testing. It allows you to set up connections with both SAML2 as well as OAuth2 quickly and securely. The integrations which Auth0 offers with external solutions are very broad, making this a fine selection for a lot of our customers.

Okta Integration

Enterprise-level identity management in the cloud. We've integrated market leaders with Okta for a few years now, and the integration is straightforward. Being one of the largest companies for Identity Management, they've proven themselves to be a powerful solution.


Google Integration

Google is one of the largest Identity Providers in the world today. It integrates mainly through OAuth2 and is used by both business and personal users. Nearly every person in the world has a user account available to log in with these days.



SalesForce Integration

Originally a platform to maintain your sales process and customer relations, SalesForce has become a very feature-rich platform with solid integrations. They have a SAML2 integration available which we use.

Installation and Upgrade Details

We do not provide direct download links of our extensions as they are not needed and are bad practice. Installing and maintaining the latest updates of your extensions using composer is the best and safest solution. If you do need a manual download, feel free to contact us for aid.

Installing an extension is the same process as upgrading an extension. To upgrade, run the same composer require command as for the installation, with the new version set.


Step 1 - Setup composer authentication

To install our extensions you first need to set up the composer repository for your account.
You don't need to do this after every purchase, just after the very first purchase you make in our webshop. Your composer URL can be found in your account details and can be set up with composer by executing this command on your server in your Magento 2 root:

composer config repositories.gogento composer https://gogento.com/composer/customer/[your-composer-secret]

These instructions can also be found in your account details.


Step 2 - Install the right version

Now find the closest version matching your Magento 2 installation and run the composer require command below.


Magento 2.4.X

Extension v1.0
composer require gogento/sso-azure-backend "^240.1"

Step 3 - Post Installation

After the extension installation you can proceed with the default deployment commands which are run after adding a new extension.

1. Upgrade the database schema
bin/magento setup:upgrade
2. Verify your deployment mode
bin/magento deploy:mode:show
3. Run if the above command returns "production"
bin/magento setup:di:compile
bin/magento setup:static-content:deploy [your locales]
4. Wrap up the deployment
bin/magento indexer:reindex
bin/magento cache:clean
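
The composer config command in Step 1 writes the repository URL, secret included, into the project's composer.json, a file that is normally committed to version control. The check below is an added example (not Gogento's code) that flags repository URLs carrying such a secret or inline credentials, for use in a pre-commit or CI step; the function names and the sample file are constructed for illustration.

```python
import json
import re
from urllib.parse import urlparse

# Path of the per-customer repository URL from Step 1; group 1 is the secret.
SECRET_PATH = re.compile(r"^/composer/customer/([^/]+)")
PLACEHOLDER = "[your-composer-secret]"

# Constructed sample composer.json (the secret value is made up).
SAMPLE_COMPOSER_JSON = """{
  "require": {"gogento/sso-azure-backend": "^240.1"},
  "repositories": {
    "packagist.org": false,
    "magento": {"type": "composer", "url": "https://repo.magento.com/"},
    "gogento": {"type": "composer",
                "url": "https://gogento.com/composer/customer/CONSTRUCTED-SECRET-0000"}
  }
}"""

def iter_repositories(composer):
    """Yield (name, repo) for the object and the list form of "repositories"."""
    repos = composer.get("repositories", {})
    items = repos.items() if isinstance(repos, dict) else enumerate(repos)
    for name, repo in items:
        if isinstance(repo, dict):  # skips entries such as "packagist.org": false
            yield str(repo.get("name", name)), repo

def find_embedded_secrets(composer_json_text):
    """Return (repository name, redacted URL) for each URL carrying a credential."""
    findings = []
    for name, repo in iter_repositories(json.loads(composer_json_text)):
        parts = urlparse(str(repo.get("url", "")))
        match = SECRET_PATH.match(parts.path)
        if parts.hostname == "gogento.com" and match and match.group(1) != PLACEHOLDER:
            findings.append((name, f"{parts.scheme}://gogento.com/composer/customer/<redacted>"))
        elif parts.username or parts.password:
            findings.append((name, f"{parts.scheme}://<redacted>@{parts.hostname}{parts.path}"))
    return findings
```

An empty result means no repository URL in the file carries a secret; any finding is a reason to keep composer.json out of shared or public repositories.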

07-09-2020 05:18:13

v1.0 for Magento 2.4.0

Initial commit for the azure backend integration for Magento 2.4.0
Recommended Installation Instructions
composer require gogento/sso-azure-backend "^240.1"
Fixed Version Installation Instructions
composer require gogento/sso-azure-backend "~240.1.0"

18-09-2020 03:51:08

v1.1 for Magento 2.4.0

Fixing code capitalization
Recommended Installation Instructions
composer require gogento/sso-azure-backend "^240.1"
Fixed Version Installation Instructions
composer require gogento/sso-azure-backend "~240.1.1"

Single Sign-On with Microsoft Azure for Magento 2 Administrative Users

This is the manual to our Single Sign-On extension for Microsoft Azure with your Magento 2 Backend.

We will go over the backend sections in detail and if you do have any other questions, you can always contact us via our chat or our support channels on our website.


General Single Sign-On Configuration

Send registration welcome email on first login

When the account is created in the webshop, after a first login, you have the option to automatically send the welcome email which a customer would get on a normal registration. This setting only has effect in the frontend of Magento 2, if you bought a frontend integration.

CMS Page for failed login

When the login fails because the user registration cannot be completed, we set a landing page that the customer will be directed to. Usually, if SSO fails, it means incomplete data at the identity provider, so instructions to request support can be given on the landing page.

Admin visible for guests

On some occasions you want your webshop only to be visible to users who are logged in. If you set this to yes, the webshop will immediately redirect to the identity provider when the customer lands on any landing page which is not set public. If you set this setting to "no", a whitelist option appears.


General SSO Settings In The Magento Backend



Azure Single Sign-On Configuration

After you have created your Azure application in your Azure account, go to Magento and fill in the following details.

Azure Application ID

After creating the Azure application, fill in the Application ID which can be found in your Azure account integration settings.

Federation Metadata Endpoint

In your Azure account go to "Tokens and Endpoints". Copy the federation metadata endpoint to this field. It should be a URL which ends with federationmetadata/2007-06/federationmetadata.xml

Single Sign-On Binding And Single Logout Binding

Keep this setting at the default; you do not need to change it. It is configurable because some users use specific binding settings in Azure. If you changed this setting in Azure, you can enforce the binding used with these settings.

Solution Enabled

Go to the right scope where you want to enable Single Sign-On and set this setting to Yes to enable it for the admin.

Default User Role

The role which the user will get if they are not mapped by an Azure Group.

Roles

Map Azure Groups to Magento 2 Groups
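
A pre-flight check for the Federation Metadata Endpoint and binding settings described above, as an added example (not the extension's code): it checks that the endpoint URL has the expected shape and lists what the metadata asks the service provider to trust, namely the entity ID, the signing certificate fingerprints and the offered SSO/SLO bindings. The tenant ID, URLs and certificate bytes are constructed sample values, and the function names are hypothetical.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
SUFFIX = "federationmetadata/2007-06/federationmetadata.xml"
BINDING = "urn:oasis:names:tc:SAML:2.0:bindings:"
# Constructed sample: placeholder tenant ID and fake certificate bytes.
TENANT = "00000000-0000-0000-0000-000000000000"
SAMPLE_URL = f"https://login.microsoftonline.com/{TENANT}/{SUFFIX}"
FAKE_DER = b"constructed bytes, not a real certificate"
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="{NS['md']}" entityID="https://sts.windows.net/{TENANT}/">
 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="signing"><KeyInfo xmlns="{NS['ds']}"><X509Data>
   <X509Certificate>{base64.b64encode(FAKE_DER).decode()}</X509Certificate>
  </X509Data></KeyInfo></KeyDescriptor>
  <SingleLogoutService Binding="{BINDING}HTTP-Redirect" Location="https://login.microsoftonline.com/{TENANT}/saml2"/>
  <SingleSignOnService Binding="{BINDING}HTTP-Redirect" Location="https://login.microsoftonline.com/{TENANT}/saml2"/>
  <SingleSignOnService Binding="{BINDING}HTTP-POST" Location="https://login.microsoftonline.com/{TENANT}/saml2"/>
 </IDPSSODescriptor>
</EntityDescriptor>"""

def check_endpoint(url):
    """Return problems with the configured Federation Metadata Endpoint."""
    parts = urlparse(url)
    problems = [] if parts.scheme == "https" else ["not https"]
    if not parts.path.lower().endswith("/" + SUFFIX):
        problems.append("unexpected path")
    return problems

def summarize_metadata(xml_text):
    """List what a service provider would trust after importing this metadata."""
    if "<!DOCTYPE" in xml_text.upper():
        raise ValueError("DTD in metadata refused")
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no SAML2 IDPSSODescriptor")
    certs = [hashlib.sha256(base64.b64decode(c.text)).hexdigest()
             for kd in idp.findall("md:KeyDescriptor", NS)
             if kd.get("use", "signing") == "signing"
             for c in kd.iterfind(".//ds:X509Certificate", NS)]
    def bindings(tag):
        return sorted(e.get("Binding", "").rsplit(":", 1)[-1]
                      for e in idp.findall("md:" + tag, NS))
    return {"entity_id": root.get("entityID"), "signing_cert_sha256": certs,
            "sso": bindings("SingleSignOnService"), "slo": bindings("SingleLogoutService")}
```

Compare the reported fingerprints and bindings with what the Azure application shows before enabling the solution; a binding that is not in the list cannot be enforced on the Magento side.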


Done!

After setting up the integration, the administrative user will see an Azure login button on the account login page.

Clicking it results in a redirect to Azure, where the user will log in to their account.



Microsoft Azure Login