This is legit the best explanation I have seen and gave me confidence to implement this in my project. Thank you, as well for the technical breakdown, that was so useful!
This is dope. I love your channel for high level programming. 1. I am hoping that we could go a little bit further to configure multitenant applications too 2. In multitenant applications where domains might be unique and dynamic, how is the auth gonna be like? Until then, thumbs up from me
What about django rest framework. My frontend is running on another server so I need to send the office365 uri from the backend, then i need to validate de token from the frontend
This is a great video. Is there any chance you can talk about group claims and some of the other parameters so that we can map AAD groups to Django groups and permissions? It would be super helpful in implementing a true single sign on of Django with AAZ
This is great content as usual. Do you have an example of, or could you create/show, how to use AAD groups and claims with Django groups for permissions and content access? It’s one things to SSO with AAD but in reality members of AAD groups would have rights that needs to used for Django content
Excellent video!!! My question is, how do I access the users' other information like their email address? Seeing as request.identity_context_data provides username but no other personal information. And I will really appreciate a pointer on how this can be combined with a User model.
Amazing video. Something I have wanted to do was convert my project to SSO against Azure AD. Could there be a follow on video about django permissions and Azure Groups and Group Claims in the Azure token? That is one road block I have for conversion. How do I protect content, model perms, with members from azure groups or mapping them to existing Django groups. Not sure how to do that or what should be done. Thank you
Hi, really nice tutorial. I have been following this tutorial & it works smoothly. But I am trying to add Azure AD to an existing DJANGO APP (created by someone else). whenever I am trying to login using SSO it reverts me back to LOGIN page. My guess is I am missing something & "request.identity_context_data.username" under HTML page is not woking as it should, hence reversing to login page. Can you please provide any advice on this or we test my theory of "request.identity_context_data.username" within app. Regardless, great video, you have one more subscriber.
Thanks for subscribing - really appreciate that! I'm not really sure, but a few things to check: * have you configured the redirect URI on Azure? It * In your view, what is the output of logging "request.identity_context_data"? * Are you using the ms_identity_web login_required decorator (and NOT the standard Django decorator)? I'd also make sure you've added the code at the bottom of this page ("Sign-in to a Django web app" section): learn.microsoft.com/en-us/training/modules/msid-django-web-app-sign-in/4-sign-in-users-to-django-web-app
@@bugbytes3923 Thank you entertaining my query, I will proceed with your comments. One last thing, is it necessary to do HTTPS thing? I mean I followed your example it is running fine without that, not sure why it is required
Love your videos. How would you restrict certain views to different users within your tenant (i.e., supervisor views vs associate views)? Can this be done using Groups in Azure, or would you want to use social_auth and add to the social pipeline (which creates a user model in django database)?
Thanks John! Interesting question. With a User model, you can leverage Django permissions to restrict certain views, depending on permissions assigned to the user (or a group). The "permission_required" decorator can help you here. It would also be possible to do this via groups in the tenant. When you receive the response with the identity_context_data, you can look at the group(s) the user belongs to in the Azure AD tenant. You could then write a Python function and pass that to the "user_passes_test" decorator to restrict certain views. More on that decorator here: docs.djangoproject.com/en/4.2/topics/auth/default/#django.contrib.auth.decorators.user_passes_test
I've not really looked into Azure AD with Flask, but the library used in this video - ms-identity-web - can also be used with Flask. A sample repository is here: github.com/Azure-Samples/ms-identity-python-webapp Flask is a smaller framework as it offers less out of the box than Django, but you can add the utilities you need when you need them (forms, database connectors, etc).
@@bugbytes3923 Thanks for the reply ! Unfortunatlyey , the library cannot be used with conda ( to my knowledge , as its called azure-ilengthy dentity and the sample code uses Identity package ) I tried making an app with it ( quiz app ) but I can sign in with microsoft accounts too , but I get a code in return which I dont know what to do I set the client id , secret n all too. Lend some advice if you have some.Thanks in advance :D
I'm having a hard time operating the sign_out ! My app will work fine in a private browser, but not on a browser. I'm guessing the cache isn't deleted, or something so... I don't get redirected to the app after logging out with Azure AD. Any advice with this?
Great video. For some reason I had the ff issue: Django - Reverse for '' not found. '' is not a valid view function or pattern name I managed to resolve it by creating index and home views and urls. Do you know what could be the case?
Hi i am stuck at a part in the video, can it be possible because i only have a free account and free credit? Do i need to have a pay as you go pricing for getthing this done ? because it is not giving me the option to create a Entra ID with free subscription
Excellent as always! When I deploy to Heroku or Railway I use to save the credentials in a .env file which i don't save to Github. How should i handle this with the aad.config.json file? It would be nice with some examples using MS Graph API as well. Thanks a lot!
Thank you for the suggestions Peter! Will look into the MS Graph API. For your aad.config.json file, definitely don't check the raw values into Github, as it contains your app's client secret which shouldn't be exposed.
@bugbytes I applied Active directory login system in my django application and deployed it in Azure portal app services. It works fine for 1st week but then suddenly it start giving error "AuthSecurityError at /auth/redirect Failed to match request state with session state". I am using azure sql server as backend without creating models. Can you please help me to find out and resolve this issue?
i was searching for video on django and azure using SAML, I saw this very informative, Thank you very much. Please do make video on django and azure using SAML
Is there any way that I can contact you directly to help me with my implementation? I'm really really stucked because i'm changing the application flow that was already implemented and i've tried everything. It doens't matter if you charge me for the meeting
Great work. Could you share your code please. I am trying to reproduce the entire tutorial but am failing to get the 'You are not signed in. Login' part. At least with your code I can investigate easily where I made mistakes and remedy that. When I run the server I just get the 'Hello World' text i intended but no 'login' option/button.
This video is great! Could you help me out on how to extract user PROFILE PICTURE from azure ad? The following code doesn't help me extract user profile picture: request.identity_context_data._id_token_claims It's URGENT, PLEASE help if any of you can... Thanks in advance!
This is legit the best explanation I have seen and gave me confidence to implement this in my project. Thank you, as well for the technical breakdown, that was so useful!
Thanks a lot, really glad it was useful! Thanks for watching!
This is dope. I love your channel for high level programming.
1. I am hoping that we could go a little bit further to configure multitenant applications too
2. In multitenant applications where domains might be unique and dynamic, how is the auth gonna be like?
Until then, thumbs up from me
Thanks a lot for watching, glad you're enjoying the channel!
Nice suggestions, I will consider these options!
under rated
u deserve subs brother
keep it up quality contentment
Thanks a lot!
explained it very well,
Thank you so much for your knowledge sharing
Thank you! Glad it was helpful!
Thank you very much, very clear, very pleasant to hear.
Thanks a lot!
What about django rest framework. My frontend is running on another server so I need to send the office365 uri from the backend, then i need to validate de token from the frontend
Did you get your solution ?
did you ?
@@biggerpicture5535
Thank you so much sir ....very well explained ....love this video
Thanks very much!
This is a great video. Is there any chance you can talk about group claims and some of the other parameters so that we can map AAD groups to Django groups and permissions? It would be super helpful in implementing a true single sign on of Django with AAZ
This is great content as usual. Do you have an example of, or could you create/show, how to use AAD groups and claims with Django groups for permissions and content access? It’s one things to SSO with AAD but in reality members of AAD groups would have rights that needs to used for Django content
Thank you very much!
You’re welcome, thanks for watching !
Thanks for the Explanation , I hope that you can add an update about the Azure Entra ID.
much needed
did you find some resources about it?
@@THEATEAMRULES I think if you understand AD , it will not ne difficult to get EntraID , it is kind of update
Great video. Thanks.
Thanks for watching!
Excellent video!!! My question is, how do I access the users' other information like their email address? Seeing as request.identity_context_data provides username but no other personal information. And I will really appreciate a pointer on how this can be combined with a User model.
You can get more information by using request.identity_context_data._id_token_claims
Very interesting.
But if I need to give authorization via /admin, how can I make this directly via AD?
Sadly they have now removed the json sample from the tutorial...
Amazing video. Something I have wanted to do was convert my project to SSO against Azure AD. Could there be a follow on video about django permissions and Azure Groups and Group Claims in the Azure token? That is one road block I have for conversion. How do I protect content, model perms, with members from azure groups or mapping them to existing Django groups. Not sure how to do that or what should be done. Thank you
great video, just to round up, if you could just do an extension of the media file in azure storage would be lovely
Thank you Sacha! Yes, I'll do a video on storing the media files in Azure Blob storage soon.
The documentation link provided is now redirecting to azure ad for Flask application instead of django
Great work,Can you please comment the documentation link which you followed
So good thx! What's the baseline pricing for adding Azure AD to Django?
Hi, really nice tutorial. I have been following this tutorial & it works smoothly. But I am trying to add Azure AD to an existing DJANGO APP (created by someone else). whenever I am trying to login using SSO it reverts me back to LOGIN page. My guess is I am missing something & "request.identity_context_data.username" under HTML page is not woking as it should, hence reversing to login page. Can you please provide any advice on this or we test my theory of "request.identity_context_data.username" within app.
Regardless, great video, you have one more subscriber.
Thanks for subscribing - really appreciate that!
I'm not really sure, but a few things to check:
* have you configured the redirect URI on Azure? It * In your view, what is the output of logging "request.identity_context_data"?
* Are you using the ms_identity_web login_required decorator (and NOT the standard Django decorator)?
I'd also make sure you've added the code at the bottom of this page ("Sign-in to a Django web app" section):
learn.microsoft.com/en-us/training/modules/msid-django-web-app-sign-in/4-sign-in-users-to-django-web-app
@@bugbytes3923 Thank you entertaining my query, I will proceed with your comments. One last thing, is it necessary to do HTTPS thing? I mean I followed your example it is running fine without that, not sure why it is required
Love your videos.
How would you restrict certain views to different users within your tenant (i.e., supervisor views vs associate views)? Can this be done using Groups in Azure, or would you want to use social_auth and add to the social pipeline (which creates a user model in django database)?
Thanks John!
Interesting question. With a User model, you can leverage Django permissions to restrict certain views, depending on permissions assigned to the user (or a group). The "permission_required" decorator can help you here.
It would also be possible to do this via groups in the tenant. When you receive the response with the identity_context_data, you can look at the group(s) the user belongs to in the Azure AD tenant. You could then write a Python function and pass that to the "user_passes_test" decorator to restrict certain views. More on that decorator here:
docs.djangoproject.com/en/4.2/topics/auth/default/#django.contrib.auth.decorators.user_passes_test
1. how would you do the same with flask ??
2. also , flask vs django , is it really just micro framework vs a more robust one?
I've not really looked into Azure AD with Flask, but the library used in this video - ms-identity-web - can also be used with Flask.
A sample repository is here: github.com/Azure-Samples/ms-identity-python-webapp
Flask is a smaller framework as it offers less out of the box than Django, but you can add the utilities you need when you need them (forms, database connectors, etc).
@@bugbytes3923 Thanks for the reply !
Unfortunatlyey , the library cannot be used with conda ( to my knowledge , as its called azure-ilengthy dentity and the sample code uses Identity package )
I tried making an app with it ( quiz app ) but I can sign in with microsoft accounts too , but I get a code in return which I dont know what to do
I set the client id , secret n all too.
Lend some advice if you have some.Thanks in advance
:D
How you check the permission of the new user you just set?
I'm having a hard time operating the sign_out ! My app will work fine in a private browser, but not on a browser. I'm guessing the cache isn't deleted, or something so... I don't get redirected to the app after logging out with Azure AD. Any advice with this?
Great video. For some reason I had the ff issue: Django - Reverse for '' not found. '' is not a valid view function or pattern name
I managed to resolve it by creating index and home views and urls.
Do you know what could be the case?
Hi i am stuck at a part in the video, can it be possible because i only have a free account and free credit? Do i need to have a pay as you go pricing for getthing this done ? because it is not giving me the option to create a Entra ID with free subscription
Excellent as always!
When I deploy to Heroku or Railway I use to save the credentials in a .env file which i don't save to Github. How should i handle this with the aad.config.json file?
It would be nice with some examples using MS Graph API as well. Thanks a lot!
Thank you for the suggestions Peter! Will look into the MS Graph API.
For your aad.config.json file, definitely don't check the raw values into Github, as it contains your app's client secret which shouldn't be exposed.
@@bugbytes3923 I understand that but how would i store and retrieve the json file in a Heroku env var?
is it possible to use this technique with django rest framework?
@bugbytes I applied Active directory login system in my django application and deployed it in Azure portal app services. It works fine for 1st week but then suddenly it start giving error "AuthSecurityError at /auth/redirect Failed to match request state with session state". I am using azure sql server as backend without creating models. Can you please help me to find out and resolve this issue?
Is this library ready for production?
What if i am using deployed django app in azure webapp then what redirect URL i need to you?
can you please make video on django and azure AD by SAML
i was searching for video on django and azure using SAML,
I saw this very informative, Thank you very much.
Please do make video on django and azure using SAML
Is there any way that I can contact you directly to help me with my implementation? I'm really really stucked because i'm changing the application flow that was already implemented and i've tried everything.
It doens't matter if you charge me for the meeting
how is it going? have you managed to integrate azure ad authentication
request: could you redo this video with the current way of doing this? (the json variant is taken offline by msft)
Thanks - yes, I'm planning to as I've had some requests. Will do this over the summer at some point.
thank
Thank you for watching!
Great work. Could you share your code please. I am trying to reproduce the entire tutorial but am failing to get the 'You are not signed in. Login' part. At least with your code I can investigate easily where I made mistakes and remedy that. When I run the server I just get the 'Hello World' text i intended but no 'login' option/button.
Hey, thank you for watching. I'll try and get the code online today - will drop a message in here when it's available.
@@bugbytes3923 Thanks. Will be grateful for that. I really need to master this concept for a project.
@@bugbytes3923 Good day. Any progress?
@@rorisangsitoboli4601 Sorry for the delay. You can find the code here:
github.com/bugbytes-io/azure-ad-django-demo
@@bugbytes3923 Good day. Apology unnecessary. I appreciate your kindness in sharing this valuable information. Thank you much.
How can i add a profile for the user
Azure Active Directory is now Microsoft Entra ID.
Please give me a Azure django sso documentation link
Documentation link pls
This video is great! Could you help me out on how to extract user PROFILE PICTURE from azure ad? The following code doesn't help me extract user profile picture: request.identity_context_data._id_token_claims
It's URGENT, PLEASE help if any of you can...
Thanks in advance!