Custom Microsoft Identity Provider
Go to Azure Active Directory, and then go to App Registrations.
Click New Registration
- Enter a name for your application (we recommend using your organization name)
- Select Multitenant for the supported account types.
- Set the Redirect URI to:
For the Microsoft Enterprise Provider, please ensure that the account type is Multitenant. This allows any Microsoft user to authenticate and log in. Single Tenant restricts login to your domain only.
- Click Register. After the application is created, take note of the Client ID.
- Click on Certificates & Secrets, and then click on New client secret. Enter a description, set your desired expiry, and then click Add.
- Set a reminder for yourself to replace this Secret before it expires. If the Secret expires, your users will no longer be able to log in with the provider.
- Your Secret value is generated automatically. Copy it immediately: the value is hidden permanently once you navigate away from the page, and if it is lost you must generate a new one.
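The two settings above that break sign-in when they are wrong (a Single Tenant account type and an expired Secret) can be checked from the registration's JSON, as in this added example, which is not part of the Bread & Butter or Microsoft documentation. It assumes the JSON has the shape of a Microsoft Graph application object (for instance the output of `az ad app show --id <client-id>`); the sample registration, the secret names and the 30-day warning window are constructed for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample shaped like a Microsoft Graph application object,
# e.g. the JSON printed by `az ad app show --id <client-id>`.
SAMPLE_APP = json.loads("""{
  "displayName": "Example Org",
  "signInAudience": "AzureADMultipleOrgs",
  "passwordCredentials": [
    {"displayName": "bb-old", "endDateTime": "2024-02-01T00:00:00Z"},
    {"displayName": "bb-new", "endDateTime": "2024-12-01T08:30:00.1234567Z"}
  ]
}""")

# Graph signInAudience values that correspond to a Multitenant registration.
MULTITENANT = {"AzureADMultipleOrgs", "AzureADandPersonalMicrosoftAccount"}

def parse_graph_time(value):
    """Parse a UTC Graph timestamp, tolerating 0-7 fractional digits."""
    body = value.strip()
    for suffix in ("Z", "+00:00"):
        if body.endswith(suffix):
            body = body[: -len(suffix)]
    head, _, frac = body.partition(".")
    stamp = datetime.strptime(head, "%Y-%m-%dT%H:%M:%S")
    micro = int(frac[:6].ljust(6, "0")) if frac else 0
    return stamp.replace(microsecond=micro, tzinfo=timezone.utc)

def audit_app(app, now, warn_days=30):
    """Return (kind, subject) findings for one app registration."""
    findings = []
    audience = app.get("signInAudience")
    if audience not in MULTITENANT:
        findings.append(("audience", str(audience)))
    secrets = app.get("passwordCredentials") or []
    if not secrets:
        findings.append(("no-secret", app.get("displayName", "")))
    for cred in secrets:
        name = cred.get("displayName") or cred.get("keyId") or "<unnamed>"
        left = parse_graph_time(cred["endDateTime"]) - now
        if left <= timedelta(0):
            findings.append(("expired", name))
        elif left <= timedelta(days=warn_days):
            findings.append(("expiring", name))
    return findings

if __name__ == "__main__":
    for kind, subject in audit_app(SAMPLE_APP, datetime.now(timezone.utc)):
        print(f"{kind}: {subject}")
```

Run on a schedule, an "expiring" finding is the reminder to create a replacement Secret and update it in the provider settings before the old one lapses.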
Bread & Butter Setup:
- Go to https://app.breadbutter.io/sign-in/
- Click Sign In and authenticate (or click Sign Up to make a new account and authenticate).
- Navigate to Providers, then to Default Rules (or Domain Rules and open/create a domain module).
- Click the "Sign in with Microsoft" button.
- Select "Set Microsoft for Production".
- Enter a custom name and description.
- Enter the Client ID from the Microsoft setup steps above.
- Enter the Client Secret from the Microsoft setup steps above.
- Click Save & Close.
- Click the checkbox next to your new Microsoft provider to enable it.