Integrating Auth0 With Azure Active Directory
Appendix
This appendix collects information you will find useful when completing the Azure Active Directory and Auth0 integration.
Azure AD OpenID config endpoint
Azure AD Login URL
To validate that your Azure AD app registration is configured correctly to allow sign-in for your Azure AD user, you can try logging in to it using the following URL:
https://login.microsoftonline.com/your-tenant-id/oauth2/v2.0/authorize?
client_id=your-app-registration-client-id
&response_type=code
&redirect_uri=your-app-registration-callback-url
&response_mode=query
&scope=offline_access%20user.read%20directory.read.all
&state=12345
After logging in, you should be able to retrieve the authorization code from the URL. You can then use Postman to post it to the Azure AD token endpoint and retrieve a JWT as follows:
HTTP POST https://login.microsoftonline.com/your-tenant-id/oauth2/v2.0/token
HEADER
Content-Type: application/x-www-form-urlencoded
BODY
client_id: your-app-registration-client-id
code: your-authorization-code
redirect_uri: your-app-registration-redirect-uri
grant_type: authorization_code
client_secret: your-app-registration-client-secret
Auth0 Login URL
To log in via Auth0 you can use the following URL:
https://auth0.com/docs/universal-login
client_id=your-auth0-app-clientId
&response_type=code
&audience=your-audience
&scope=openid%20profile%20offline_access
&redirect_uri=your-auth0-app-allowed-callback-url
&state=some-random-string
&code_challenge_method=your-code-challenge-method (i.e. S256)
&code_challenge=your-code-challenge
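The `state`, `code_challenge_method` and `code_challenge` values in the URL above have to be generated fresh for every login. The following is an added example, not code from the original post, that builds those parameters and checks `state` when the callback arrives. The endpoint `https://your-auth0-domain/authorize`, the callback URL and the function names are assumed placeholders.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, quote, urlencode, urlparse

# Assumed placeholder: the authorization endpoint on your own Auth0 tenant domain.
AUTHORIZE_ENDPOINT = "https://your-auth0-domain/authorize"


def pkce_challenge(verifier: str) -> str:
    """S256 transform from RFC 7636: BASE64URL(SHA256(verifier)), '=' padding removed."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def build_login_request(client_id, audience, redirect_uri):
    """Return (url, state, verifier); store state and verifier in the user's session."""
    state = secrets.token_urlsafe(32)     # unguessable per-request value
    verifier = secrets.token_urlsafe(32)  # 43 chars, inside RFC 7636's 43-128 range
    params = {
        "client_id": client_id,
        "response_type": "code",
        "audience": audience,
        "scope": "openid profile offline_access",
        "redirect_uri": redirect_uri,
        "state": state,
        "code_challenge_method": "S256",
        "code_challenge": pkce_challenge(verifier),
    }
    url = AUTHORIZE_ENDPOINT + "?" + urlencode(params, quote_via=quote)
    return url, state, verifier


def code_from_callback(callback_url, expected_state):
    """Return the authorization code only if the callback echoes the stored state."""
    query = parse_qs(urlparse(callback_url).query)
    returned = query.get("state", [""])[0]
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: discard this callback")
    if "code" not in query:
        raise ValueError("callback carries no authorization code")
    return query["code"][0]


if __name__ == "__main__":
    url, state, verifier = build_login_request(
        "your-auth0-app-clientId", "your-audience", "https://app.example/callback")
    print(url)
```

The stored verifier is later sent as `code_verifier` when the authorization code is exchanged for tokens, which is what ties the code to the client that started the login.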
MS GRAPH Admin Consent Request
This may be useful if you plan to use the admin consent workflow, where users log in and need to request permission for the app to access their MS Graph profile.
https://login.microsoftonline.com/your-tenant-id/oauth2/authorize?
client_id=your-app-registration-client-id
&response_type=code
&redirect_uri=your-app-registration-callback-url
&resource=https://graph.microsoft.com
&prompt=admin_consent