key: azure
title: Azure Active Directory
description: Azure Active Directory (Azure AD) is Microsoft’s multi-tenant, cloud-based directory, and identity management service that combines core directory services, application access management, and identity protection into a single solution.
author: requarks.io
logo: https://static.requarks.io/logo/azure.svg
color: blue darken-3
website: https://azure.microsoft.com/services/active-directory/
isAvailable: true
useForm: false
scopes:
  - profile
  - email
  - openid
props:
  entryPoint:
    type: String
    title: Identity Metadata Endpoint
    hint: The metadata endpoint provided by the Microsoft Identity Portal that provides the keys and other important information at runtime.
    order: 1
  clientId:
    type: String
    title: Client ID
    hint: The client ID of your application in AAD (Azure Active Directory)
    order: 2
  cookieEncryptionKeyString:
    type: String
    title: Cookie Encryption Key String
    hint: Random string with 44-character length.  Setting this enables workaround for Chrome's SameSite cookies.
    order: 3
  allowHttp:
    type: Boolean
    title: Allow Http
    hint: Enable HTTP for redirect URIs, ideal for localhost use without requiring debug mode in Wiki.js.
    default: false
    order: 4
  clientSecret:
    type: String
    title: Client Secret
    hint: When configured, this setting mandates the module to exclusively utilize the Authorization Code Flow for authentication. To enable this, you are required to create a secret within the Azure Portal. This is achieved by accessing the "Authentication" section found in the settings of your registered application.
    order: 5
  issuerList:
    type: String
    title: Alternate Issuer List
    multiline: true
    hint: '
        Alternate issuers to allow. Each line should specify an issuer string. A typical format for the v2 endpoint resembles: https://login.microsoftonline.com/YOUR-TENANT-ID/v2.0. 
        Pro Tip: To retrieve metadata about your tenant, navigate to https://login.microsoftonline.com/TENANT-NAME/v2.0/.well-known/openid-configuration in your web browser. 
        For instance, to obtain information for a tenant named example.com, you would visit: https://login.microsoftonline.com/example.com/v2.0/.well-known/openid-configuration. This URL provides detailed metadata concerning the specified tenant.
        Locate the "issuer" field, which holds the issuer string. Simply copy its contents and paste them here for use.
        Useful when using common or organizations endpoints (for multi-tenant auths).
     '
    order: 6