Custom login page for Azure Active Directory

2019-03-25 08:37发布

问题:

I'm working on an application that uses Azure AD as an identity provider. It works well, but the login experience is jarring when the user is taken from my application to the https://login.microsoftonline.com Azure hosted login page. In addition to losing all application branding, the user is unlikely to know that the tenant domain suffix must be appended to their username when entering credentials (e.g. bob becomes bob@mytenant.onmicrosoft.com). Is there any way of hosting a login page for Azure AD within my own application?

回答1:

Custom company branding is now available with Azure Active Directory Basic and Premium editions. You can customize some of the experience, with some text, images and logos.

  • Azure Active Directory Editions
  • Add company branding to your Sign In and Access Panel pages


回答2:

No. You cannot either host login page, nor customize the login page of Azure AD.

The only login page that you can change/host/customize is the one of the Access Control Service. And this is because ACS acts as Federation Provider, not as Identity Provider. And this is for security reasons.

What you may try is explore the OAuth 2.0 Resource's Owner Password Flow with AAD. However I never advise clients doing so for Web Applications.

If you are going to use AAD as a one-and-only-one Identity Provider for your web application. And you will be managing all the sign-up, password expiry, password reset, etc. flows with AAD. And you want a total customization of the login page - I will suggest that you take a look at the Identity Server. Use management in this product is probably easier, and you can customize login page. And you will maintain the service.



回答3:

If the customization options offered by Azure Active Directory Premium isn't enough, you can deploy your own ADFS server and fully customize the sign in process.

Follow the instructions here to implement your own ADFS server with Azure. This will offer the added benefit of enhanced security and policy options.