I'm working on an application that uses Azure AD as an identity provider. It works well, but the login experience is jarring when the user is taken from my application to the https://login.microsoftonline.com Azure hosted login page. In addition to losing all application branding, the user is unlikely to know that the tenant domain suffix must be appended to their username when entering credentials (e.g. bob
becomes [email protected]
). Is there any way of hosting a login page for Azure AD within my own application?
In the Azure portal, search for and select Azure AD B2C. Select User flows. Select a user flow you want to customize. Under Customize in the left menu, select Page layouts and then select a Template.
Microsoft makes single sign-on (SSO) free for all Azure AD customers.
Azure Active Directory (Azure AD) supports all OAuth 2.0 flows.
Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) automatically signs users in when they are on their corporate devices connected to your corporate network. When enabled, users don't need to type in their passwords to sign in to Azure AD, and usually, even type in their usernames.
Custom company branding is now available with Azure Active Directory Basic and Premium editions. You can customize some of the experience, with some text, images and logos.
No. You cannot either host login page, nor customize the login page of Azure AD.
The only login page that you can change/host/customize is the one of the Access Control Service. And this is because ACS acts as Federation Provider
, not as Identity Provider. And this is for security reasons.
What you may try is explore the OAuth 2.0 Resource's Owner Password Flow with AAD. However I never advise clients doing so for Web Applications.
If you are going to use AAD as a one-and-only-one
Identity Provider for your web application. And you will be managing all the sign-up, password expiry, password reset, etc. flows with AAD. And you want a total customization of the login page - I will suggest that you take a look at the Identity Server. Use management in this product is probably easier, and you can customize login page. And you will maintain the service.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With