RegistryUI Documentation


Microsoft As Login Provider

RegistryUI can use a Microsoft Login Provider so users can log into RegistryUI using their Microsoft account. Before users can log in, the site administrator must add the user using Registry > Users & Groups and send an invitation email to the user with an invitation code. This invitation code is required when logging in using a Microsoft account the very first time.

In order to enable the Microsoft Login Provider at Admin > Login Providers, External Login tab, a Microsoft Application ID and Microsoft Client Secret must be obtained. This can be done on Microsoft's site at https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade.

Microsoft Credentials

Select New registration and enter a name.
Select an option for Supported account types.
Enter the following as Redirect URIs:

https://yourregistry.yourcompany.com/signin-microsoft           or
http://yourregistry.yourcompany.com/signin-microsoft            (not recommended)

Then click the "Register" button.

Note the Application (client) ID and copy it to the "Microsoft Application ID" field of the Admin > Login Providers, External Login tab.

Microsoft Credentials

Then click Certificates & secrets (along the left menu bar) followed by the "New client secret" button.

Microsoft Credentials

Enter a Description for the new client secret, select an expiration and click Add.

Microsoft Credentials

Copy the generated Value of the new client secret to the "Microsoft Client Secret" of the Admin > Login Providers, External Login tab.

Make sure to select the "Use Microsoft" check box of the Admin > Login Providers, External Login tab to enable login using Microsoft accounts.