Custom Microsoft Identity Provider

Last updated 03/23/2023

Step 1

Log in to your Azure Portal:

https://portal.azure.com/

Don't have an account yet? Sign up with Microsoft Azure.


Step 2

Go to Azure Active Directory, and then go to App Registrations.

Step 3

Click New Registration

Step 4

  • Enter a name for your application (we recommend using your organization name)
  • Select Multitenant for the supported account types.
  • Set the Redirect URI to:

    https://api.breadbutter.io/callback

Note: Please ensure that the account type is Multitenant. This allows any Microsoft user to authenticate and log in. Single Tenant restricts login to your domain only.

Step 5

  • Click Register. After the application is created, take note of the Client ID.

Step 6

  • Click on Certificates & Secrets, and then click on New client secret. Enter a description, set your desired expiry, and then click Add.
  • Set a reminder for yourself to replace this Secret before it expires. If the Secret expires, your users will no longer be able to log in with the provider.

Step 7

  • Your Secret value will be generated automatically. Copy this value down immediately: it will be hidden forever if you navigate away from the page, and if the value is lost you must generate a new one.

Step 8

Bread & Butter Setup:

  1. Go to https://app.breadbutter.io/sign-in/
  2. Click Sign In and authenticate (or click Sign Up to make a new account and authenticate).
  3. Go to Settings in the left menu.
  4. Click on Microsoft under SSO Settings > Social Accounts.
  5. Select "Set Microsoft for Production".
  6. Enter a custom name and description.
  7. Enter the Client ID from the Microsoft setup steps above.
  8. Enter the Client Secret from the Microsoft setup steps above.
  9. Click Save.
  10. Click the checkbox next to your new Microsoft provider to enable it.
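
To back up the reminder from Step 6 with an automated check, the following added example (not Bread & Butter or Microsoft code) flags client secrets that are expired or close to expiry. It assumes you feed it the JSON printed by the Azure CLI command `az ad app credential list --id <Client ID>`; the sample data, secret names, and the 30-day warning window are constructed for illustration.

```python
import json
import sys
from datetime import datetime, timezone

# Constructed sample in the shape returned by `az ad app credential list`.
SAMPLE = """[
  {"displayName": "breadbutter-prod", "keyId": "00000000-0000-0000-0000-000000000001",
   "startDateTime": "2023-03-23T00:00:00Z", "endDateTime": "2023-09-23T00:00:00Z"},
  {"displayName": "breadbutter-old", "keyId": "00000000-0000-0000-0000-000000000002",
   "startDateTime": "2022-01-10T00:00:00Z", "endDateTime": "2023-01-10T00:00:00Z"},
  {"displayName": "breadbutter-next", "keyId": "00000000-0000-0000-0000-000000000003",
   "startDateTime": "2023-08-01T00:00:00Z", "endDateTime": "2025-08-01T00:00:00Z"}
]"""


def parse_ts(value):
    """Parse a UTC timestamp such as 2023-09-23T00:00:00Z (fractional seconds dropped)."""
    base = value.rstrip("Z").split(".")[0]
    return datetime.strptime(base, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)


def secret_status(credentials, now, warn_days=30):
    """Return (name, keyId, days_left, status) per secret, soonest expiry first."""
    rows = []
    for cred in credentials:
        end = parse_ts(cred["endDateTime"])
        days_left = (end - now).days
        if end <= now:
            status = "EXPIRED"   # logins using this secret already fail
        elif days_left <= warn_days:
            status = "ROTATE"    # create a new secret and update the provider settings
        else:
            status = "OK"
        rows.append((cred.get("displayName") or "(unnamed)", cred["keyId"], days_left, status))
    return sorted(rows, key=lambda row: row[2])


if __name__ == "__main__":
    # Pipe the CLI output in; with no piped input the constructed sample is used.
    raw = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    rows = secret_status(json.loads(raw), datetime.now(timezone.utc))
    for name, key_id, days_left, status in rows:
        print(f"{status:8} {days_left:6d}d  {name}  ({key_id})")
    # A non-zero exit code lets a scheduled job raise an alert.
    sys.exit(1 if any(row[3] != "OK" for row in rows) else 0)
```

Run it from a scheduled job and alert on a non-zero exit code. Only the secret whose value is entered in the Bread & Butter settings affects logins, so match on its description.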