Azure AD OAuth2

How to connect Azure Active Directory (AD) Single Sign-On (SSO) with OAuth2 in UI Bakery


  • An Azure account with an active subscription.

  • Administrator rights on Microsoft Entra ID (former Active Directory).

  • A UI Bakery application up and running.

Create an Azure AD Application

Step 1: Create a New Application

  1. Click on "Microsoft Entra ID" from the sidebar.

  2. Choose "App registrations" and then click on "New registration".

Step 2: Configure the Application

  1. Name your application.

  2. Set the supported account types.

  3. Set the redirect URI to https://YOUR_INSTANCE/auth/oauth2/callback

  4. Click "Register" to create the application.

Configure OAuth2 in Azure

Step 1: Obtain Client ID and Secret

  1. Go to the "Overview" tab of your newly created Azure application.

  2. Note down the "Application (client) ID".

Step 2: Generate a Client Secret

  1. Navigate to "Certificates & secrets".

  2. Click on "New client secret" and follow the prompts.

Integrate Azure with UI Bakery

Step 1: Update environment variables

# Can be found in Overview tab
# do not mess it up with secret id, it should be secret value
# Replace <your-tenant-id> with Directory (tenant) ID from overview tab
# For multitenant integration use "common" instead of tenant ID

Step 2: Restart your UI Bakery instance

Docker compose setup may be restarted with the following command:

docker compose down && docker compose up -d

Test the Integration

  1. Attempt to log in to your UI Bakery application with `Login with Microsoft` button.

  2. You should be redirected to the Azure AD login page.

  3. After successful authentication, you should be redirected back to your UI Bakery application.


If you encounter issues during the integration, consider checking the following:

  1. Make sure the Client ID and Client Secret are correctly configured in UI Bakery.

  2. Validate the Redirect URI settings on both Azure and UI Bakery.

  3. Check Azure logs for authentication errors.

Last updated