Authentication
/
Social logins
/
Microsoft login
Last updated

Microsoft login

To allow users to log in with Microsoft, activate Microsoft login in the builder and create a Microsoft application to serve as the OAuth provider.

Follow these steps for a successful integration.

Enabling Microsoft login in builder

  1. Open the Frontegg portal.
  2. Click on the Login Box button.
  3. In the left panel, toggle Microsoft to on.

Microsoft-Login-1

After modifying any settings, commit your changes and publish them to apply across your environments.

Creating a Microsoft app

Complete the following steps to configure Microsoft login.

Moving between environments

When migrating a project between environments (e.g., from development to production), Frontegg automatically transfers your social login settings.

Step 1: Open Azure Active Directory

  1. In Microsoft Azure, go to Manage Microsoft Entra ID and select View.

Microsoft-Login-2

Step 2: Register your application

  1. Click on add, then click App registrations.

Microsoft-Login-3

  1. Configure the registration:
    • Name: Enter the name for your app.
    • Supported Account Types: Choose Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox).
    • Redirect URI: Enter your application URL (use your Frontegg domain if using hosted login or your app domain if using embedded login) /account/social/success (e.g., http://localhost:3000/account/social/success).

Microsoft-Login-4

Step 3: Get Client ID and Client Secret

  1. Your Client ID is located on your app’s Overview page (look for Application (client) ID).

Microsoft-Login-5

  1. To create a client secret:
    • Go to Manage and then click on Certificates & secrets.
    • Click New client secret.
  2. Set an expiration time and description for your client secret.

Microsoft-Login-6

  1. Copy and save the Value of your client secret, as you will not be able to view it again later.

Microsoft-Login-7

Step 4: Enter credentials in Frontegg

  1. Go to [ENVIRONMENT] → Configurations ➜ Authentication → Social Logins.
  2. Click the Microsoft Manage button.

Microsoft-Login-8

  1. Enter your Client ID, Client Secret, and Redirect URL. Save and publish the settings.

Microsoft-Login-9

Step 5: Test the Microsoft login button

  1. Verify that the Microsoft login button appears on your login screen and redirects to the Microsoft OAuth consent screen.
  2. Test to confirm functionality.

Configuring Microsoft Login Permissions

By default, only invited users can log in with Microsoft. To allow new users to sign up via Microsoft, enable Allow Signup in the left panel of the Login Box builder.

Customizing authentication scopes for Microsoft

Scopes define the type of information your application can access after users grant permission. The generated access token includes these approved scopes. By default, Frontegg fetches user profile and email as standard scopes when users authenticate via their Microsoft account.

To add additional custom scopes, go to [ENVIRONMENT] → Configurations ➜ Authentication → Social logins → Custom → Scopes on the Frontegg portal. You can check Microsoft’s supported scopes here.