locked
Custom login page for Azure AD Authentication RRS feed

  • Question

  • When using Azure AD as the identity provider for our web applications you get redirected to the login.microsoftonline page as part of the login process. This page has limited customization options described in the article "Add company branding to your sign-in and Access Panel pages" by Markus Vilcinskas. (I cannot post links yet).

    We would like to fully customize this page. Are there methods to do so? 

    Another question is if it's possible at all to create a completely custom login page for users to sign in where styling customization is in the hands of the developer?


    Friday, June 17, 2016 6:55 AM

All replies

  • Hi,

    Thanks for posting the query here,

    Custom company branding is now available with Azure Active Directory Basic and Premium editions. You can customize some of the experience, with some text, images and logos.

    I suggest you to refer these links Azure Active Directory editions & Add company branding to your sign-in and Access Panel pages.

    Let us know whether it helps you,

    Hope this helps you 

    Thanks & Regards
    Vijisankar.

    ________________________________________________________________________________________________

     If a post answers your question, please click Mark As Answer on that post and Vote as Helpful.

    • Proposed as answer by vijisankar Thursday, June 30, 2016 11:38 AM
    Friday, June 17, 2016 4:17 PM
  • I'm working on an application that uses Azure AD as an identity provider. It works well, but the login experience is jarring when the user is taken from my application to the https://login.microsoftonline.com Azure hosted login page. In addition to losing all application branding, the user is unlikely to know that the tenant domain suffix must be appended to their username when entering credentials

    Can we have a custom login page for Azure Active Directory?


    Wednesday, June 26, 2019 7:11 AM
  • No. I am afraid this is not possible as of now. Azure AD custom branding is the recommended solution for these scenarios. You can have tenant-specific branding and you can make use of username hints or sign-texts as explained in this articleto provide any custom info required for the users. 

    You cannot have a custom page for Azure AD authentication in the traditional sense. You can make use of the ROPC flow in scenarios where it is absolutely necessary. This flow has a lot of limitations (2FA is not possible, Federated accounts cannot be used, requires additional administrative effort ) and is not recommended as it is not considered as a secure practice.

    If you still want to pursue this, you can have the client which sends the user creds to a backend server which has the client Id and secret. Once the user creds are received, then the server can make a call to Azure AD using the ROPC flow and pass the token sent by Azure AD back to the browser.

    Ref: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc



    Wednesday, June 26, 2019 10:57 AM