-
Notifications
You must be signed in to change notification settings - Fork 139
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Test the showcase with AD MFA. #614
Comments
@christophe-f just want to confirm, but is AD supposed to stand for Active Directory or Azure DevOps? |
Azure Directory |
@christophe-f so it appears the Azure Active Directory is now know as Microsoft Entra ID. Backstage currently has the Azure EasyAuth provider that authenticates users using Microsoft Entra ID (formerly Azure Active Directory) for PaaS service hosted in Azure that support Easy Auth, such as Azure App Services. I was wondering if this issue overlaps with this Jira issue involving testing Azure EasyAuth Provider? EDIT: nevermind, this one requires MFA to be configured. I currently don't have any instances where I can do that at the moment. I've confirmed that you can authenticate with Azure using Microsoft Entra ID at least using the Microsoft Azure Provider. |
Update: Authenticating using the azure auth provider for Azure Active Directory (now called Microsoft Entra ID) with Multi-Factor Authentication works. I used the 30 day Microsoft Entra ID P2 free trial to setup a test organization on Azure for Microsoft Entra ID. I setup an app with the permissions described in the backstage docs for the azure auth provider, and adding the proper web direct URL. Then I setup a test user for the organization and enforced MFA for the user. Then I logged in with the test user in an incognito tab to setup the 2FA app. Then I applied the configurations for the auth provider: auth:
environment: production
microsoft:
production:
clientId: ${AZURE_CLIENT_ID}
clientSecret: ${AZURE_CLIENT_SECRET}
tenantId: ${AZURE_TENANT_ID}
signInPage: microsoft When I sign-in, I get redirected to sign-in using an azure account and when I do, it asks for password and MFA. Once MFA is complete, the user is then able to login. |
What needs to be done?
The text was updated successfully, but these errors were encountered: