This document summarizes a Sitecore user group session on using Azure Active Directory and multifactor authentication with Sitecore. The session covered topics like OAuth, configuring Azure AD and policies, multifactor authentication, and the OAuth process flow. The presenter demonstrated signing up and signing in users with Azure AD authentication in Sitecore, restricting access to certain pages to only authenticated users. The presentation provided information on integrating Azure AD and multifactor authentication into Sitecore to provide secure authentication.
2. SITECORE WITH AZURE AD AND
MULTIFACTOR AUTHENTICATION
• Presented By Pratik Wasnik
• 3 years in Sitecore
• Senior Software Engineer at Techaspect
• Linkedin Profile Link
• https://www.linkedin.com/in/pratik-wasnik-29904777/
3. TOPICS
• What is OAuth ?
• What are the points required for Azure AD and Policies?
• What is multifactor authentication?
• Process Flow of OAuth
• Sitecore changes explanation
• Demo
4. WHAT IS OAUTH ?
• OAuth (Open Authorization) is an open standard for token-based authentication and
authorization on the Internet. OAuth, which is pronounced "oh-auth," allows an end
user's account information to be used by third-party services, such as Facebook ,
Google, Microsoft etc. without exposing the user's password.
5. ADVANTAGES OF OAUTH
• 1. (Important one) You can use the same login for web as well as native(mobile) apps
• 2. You don't have to save session information on the server
• 3. You can easily set expiry date in token itself
• 4. Simplicity
6. POINTS REQUIRED FOR AZURE AD AND
POLICIES
• In Azure create Active Directory, Application and Signup and Signin policies for the same
application.
• For this demo B2C type is used for creating the application.
• In policies , add the settings as per requirement.
8. SITECORE CHANGES TO BE DONE
• Create a patchup file and add entries related with Azure policies and endpoints in that
file.
• Also , add custom processors in the same file.
• Set loginPage in that file
• Add require login for the restricted item.
• In IIS add binding with https protocol only.
9. DEMO
• Signing up and signing in of user
• Pages used :
• a) home (not restricted)
• b) demo which is restricted page