Using Azure Active Directory for Authentication

Taylorsuk · February 12, 2021, 11:10am

I’m looking into creating an SSO authentication offering within our current parse server offering. This would see some users having the option of having SSO if their organisation is setup with an SSO capability.

For the first part we are proposing having the common two part login screen where the user first enters their email address before progressing. An API call is made and check on the parse server side is made to determine if this user is an SSO user. The response to the frontend app would be:

Display password input - they are a normal user
Forward the user to the Microsoft Login Portal for authentication and token allocation and return to the App.
Any errors etc…

A customer we are looking to build this for give us the following information:
a. They are running On Premises Active Directory
b. The On Prem AD syncs with Azure.

My questions are:

Can the authentication adaptor for Microsoft Graph (which comes with Parse Server) be used in this case?
Would there be specific Role / Level setup on the AD side in order to allow a login for this service?
What information do we need from this customer in order to setup this in a staging environment for development and testing?

Many thanks in advance.

davimacedo · February 12, 2021, 8:16pm

I believe you need to use the LDAP adapter: Parse Server Guide | Parse

Taylorsuk · February 12, 2021, 8:31pm

Rather than the Microsoft Graph adaptor? If their stack syncs with Azure, then I think that Azure / 365 Microsoft Auth Graph can be used? I don’t really know, hence asking

davimacedo · February 12, 2021, 9:28pm

AD uses LDAP protocol. I’ve seen other developers setting up it before but I’ve never tried myself.

DFC1990 · October 19, 2021, 4:18pm

Did you get the Ldap functionality activated? Unfortunately, I fail because of the configuration with Active Directory. Unfortunately, I can’t find the right “DN”