Skip to content

different-technology/azure-ad-be

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
Classes
Classes
 
 
Resources
Resources
 
 
LICENSE
LICENSE
 
 
Readme.md
Readme.md
 
 
composer.json
composer.json
 
 
ext_emconf.php
ext_emconf.php
 
 
ext_localconf.php
ext_localconf.php
 
 

Repository files navigation

Microsoft Entra ID - TYPO3 Backend Login

Former title: Azure Active Directory - TYPO3 Backend Login

Setup

Add the following env parameters:

TYPO3_AZURE_AD_BE_CLIENT_ID=<your-client-id>
TYPO3_AZURE_AD_BE_CLIENT_SECRET=<your-secret>
TYPO3_AZURE_AD_BE_URL_AUTHORIZE=https://login.microsoftonline.com/<see-your-endpoints>/oauth2/v2.0/authorize
TYPO3_AZURE_AD_BE_URL_ACCESS_TOKEN=https://login.microsoftonline.com/<see-your-endpoints>/oauth2/v2.0/token

Group permissions

You may wish to affect the users permissions or properties depending on which Entra ID / Azure AD group they are in.

Ensure your application has Directory.Read.All permissions.

In your site_package ext_localconf.php, create an array where the group display name is the index and the affected be_user properties are the values. This array gets merged in order from top to bottom for each group the user is a member of.

For example:

$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['azure_ad_be']['groups'] = [
	'admin-group-name' => [
		'admin' => 1
	],
	'editor-group' => [
		'usergroup' => 12
	]
];

Disable TYPO3 login

If you want to disable logging in via username and password, add the following to your ext_localconf.php

unset($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['backend']['loginProviders'][1433416747]);

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

4 tags

Packages

 
 
 

Contributors 2

Languages