PHPackages oliverkroener/ok-azure-login - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. oliverkroener/ok-azure-login ActiveTypo3-cms-extension[Authentication & Authorization](/categories/authentication) oliverkroener/ok-azure-login ============================ Login and register frontend and backend users using Azure Entra 4.0.2(3mo ago)0253GPL-2.0-or-laterPHPPHP ^8.1 Since Feb 13Pushed 3mo ago1 watchersCompare [ Source](https://github.com/oliverkroener/ok_azure_login)[ Packagist](https://packagist.org/packages/oliverkroener/ok-azure-login)[ RSS](/packages/oliverkroener-ok-azure-login/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (4)Versions (11)Used By (0) TYPO3 Azure Login (ok\_azure\_login) ==================================== [](#typo3-azure-login-ok_azure_login) TYPO3 extension for frontend and backend login via Microsoft Entra ID (Azure AD) using the OAuth 2.0 authorization code flow and Microsoft Graph API. Extension key`ok_azure_login`Composer`oliverkroener/ok-azure-login`TYPO312.4, 13.4, 14.0PHP^8.1Features -------- [](#features) - **Frontend login** via "Sign in with Microsoft" content element - **Backend login** via login provider on the TYPO3 backend login screen - **Per-site configuration** with encrypted client secret storage - **Multi-tenant support** with multiple backend login buttons - OAuth 2.0 authorization code flow with HMAC-signed state parameter - User lookup by email in `fe_users` / `be_users` - Backend redirect URI auto-derived from route configuration - Frontend logout with optional Microsoft sign-out redirect - Translations: English, German, French Quick start ----------- [](#quick-start) 1. Register an app in [Microsoft Entra ID](https://portal.azure.com) (see [Azure setup docs](Documentation/Azure.rst)) 2. Install the extension via Composer: ``` composer require oliverkroener/ok-azure-login ``` 3. Configure credentials in **Web > Azure Login** backend module 4. Add the **Azure Login** content element to a frontend page 5. Register the redirect URIs from the backend module in your Azure app Configuration ------------- [](#configuration) Credentials are managed per TYPO3 site via the backend module. Each site stores: - **Tenant ID** and **Client ID** from Azure App Registration - **Client Secret** (encrypted at rest with PHP Sodium) - **Redirect URI (Frontend)** -- manually configured, points to the login page - **Redirect URI (Backend)** -- auto-generated from route config, shown as read-only with copy button The backend redirect URI (`/typo3/azure-login/callback`) is derived from `Configuration/Backend/Routes.php` and cannot be misconfigured. Global credentials via Extension Configuration serve as a fallback for single-site setups. Documentation ------------- [](#documentation) Full documentation is in the [Documentation/](Documentation/) directory: - [Azure Entra ID setup](Documentation/Azure.rst) - [Configuration](Documentation/Configuration/Index.rst) - [Installation](Documentation/Installation.rst) - [FAQ](Documentation/Faq.rst) Security -------- [](#security) - Client secrets encrypted at rest (PHP Sodium `sodium_crypto_secretbox`) - HMAC-signed OAuth state with 10-minute TTL - Per-site credential isolation - CSRF token handling for TYPO3 v13+ Requirements ------------ [](#requirements) - `microsoft/microsoft-graph` ^2 - `microsoft/kiota-authentication-phpleague` ^1 - TYPO3 encryption key must be configured ### Health Score 41 — FairBetter than 89% of packages Maintenance82 Actively maintained with recent releases Popularity17 Limited adoption so far Community7 Small or concentrated contributor base Maturity49 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 7 Last Release 94d ago Major Versions 3.0.0 → 4.0.02026-02-13 3.0.1 → 4.0.22026-02-13 PHP version history (2 changes)3.0.0PHP ^8.1 2.1.0PHP ^7.4 ### Community Maintainers ![](https://www.gravatar.com/avatar/0e3131f46d9c0fc7766936f374848d0ab6be6f8095f2f2c01984736a5e7fcd52?d=identicon)[Oliver Kroener](/maintainers/Oliver%20Kroener) --- Top Contributors [![oliverkroener](https://avatars.githubusercontent.com/u/4545439?v=4)](https://github.com/oliverkroener "oliverkroener (7 commits)") --- Tags AuthenticationSSOoauthmicrosoftazurelogintypo3entraOffice365graph-apifrontend-loginbackend-login ### Embed Badge ![Health badge](/badges/oliverkroener-ok-azure-login/health.svg) ``` [![Health](https://phpackages.com/badges/oliverkroener-ok-azure-login/health.svg)](https://phpackages.com/packages/oliverkroener-ok-azure-login) ``` ### Alternatives [thenetworg/oauth2-azure Azure Active Directory OAuth 2.0 Client Provider for The PHP League OAuth2-Client 2509.6M48](/packages/thenetworg-oauth2-azure) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)