You are currently viewing the new Anvil Editor Docs.
Switch to the Classic Editor Docs
You are currently viewing the Classic Editor Docs.
Switch to the new Anvil Editor Docs

Microsoft Single Sign On

Log users in to their Microsoft accounts

Anvil has a built-in integration with Microsoft’s Azure Active Directory. This means you can allow users to sign in to their Microsoft accounts from your app. This includes Skype and Office 365 accounts. If users are already logged in to their Microsoft account, they can log in to your app simply by clicking a button.

There are very similar integrations for Facebook and Google accounts.

To display a login dialog, enable the Microsoft API Service and run this line of Python on the client side:

anvil.microsoft.auth.login()

The resulting login dialog looks like this:

A running app showing a dialog with 'cancel' and 'log in' buttons, and a message informing you you are about to log in with Microsoft.

A running app showing a dialog with 'cancel' and 'log in' buttons, and a message informing you you are about to log in with Microsoft.

If the user’s browser is not logged in to their Microsoft account, they will be presented with the Microsoft Single Sign On dialog in another browser window.

The Microsoft Single Sign On window.

If the user’s browser is already logged in to Microsoft’s Single Sign On, clicking on the Log In box will log them in without requiring them to enter their password. This might be the case if they are logged in to the Azure Portal in another tab, for example.

If the ‘Cancel’ button is clicked, the anvil.microsoft.auth.login() returns None. You can use this to restrict part or all of your app to logged-in users.

Once the user has logged in, you can get the email address they are logged in with using:

anvil.microsoft.auth.get_user_email()

If you’re already using the Users Service

If you’re already using the Users Service, it is not necessary to enable the Microsoft API Service and run anvil.microsoft.auth.login(). You can enable Microsoft login from the standard Users Service login dialog by checking the ‘Microsoft (Azure AD/Office 365)’ box:

The Users Service config screen with Microsoft (Azure AD/Office 365) checked.

The Users Service config screen with Microsoft (Azure AD/Office 365) checked.

With this box checked, the Users Service login dialog will show a ‘Login with Microsoft’ option:

The Users Service login dialog with a Login With Microsoft link

Users that log in this way will be added to the Users Data Table just like users that signed up using any other Users Service method.

Next up

You can restrict access to only users in your own Active Directory. Read Using your own Azure Active Directory for more details.

It’s easy to access Microsoft Azure APIs via your Active Directory. Anvil fetches an API token for you, so you just have to make the relevant HTTP requests. Read Accessing Microsoft Azure APIs for more details.


Do you still have questions?

Our Community Forum is full of helpful information and Anvil experts.