For an app I built, it was still required for the user to “create an account,” but this was all handled through Signing in with Google Workspace accounts. And the specific oauth info I used was restricted to users within the Google Workspace Organization.
Thanks for your answer – yes that’s a good data point. It doesn’t work in my case because my organization uses Microsoft Active Directory (not connected to any OAuth providers), but definitely a solution for Google Workspace users.
So as long as you have access to your orgs Azure account, you’ll just want to register an Azure ‘app’, get your keys, choose which API permissions within the app that users should have, then use this info to setup in bubble api connector.
In bubble, you’ll use ‘log in with social network’ instead of the traditional bubble database. Within the app, you can control finer grain permissions if you need to, but at base level whatever permissions you choose from Azure, will reflect with what users are allowed to do in your bubble app.
Thanks for your reply – I really appreciate your help. I think I need just a little more help to connect the dots. I’m trying to set up a product catalog for folks internal to my organization and I’m using Uphunt as a template.
The desired behavior is that all the webpages would be blank to anyone not authenticated using an AD login (outside the org), and that the pages would display correctly to anyone who is authenticated via AD (inside the org – we have ADFS).
So as long as you have access to your orgs Azure account, you’ll just want to register an Azure ‘app’, get your keys,
I do have access to the Azure portal and I can spin up an Azure App Service (is that what you mean?), where I can run a REST endpoint.
choose which API permissions within the app that users should have, then use this info to setup in bubble api connector.
I’m not sure what the permissions in an Azure App Service would be in this scenario.
What is the function of this Azure App Service? Does it function as an authorization service that the Bubble app calls via the Bubble API Connector?
Would a user of the Bubble “login with social network”, which then triggers a call to the App Service, which returns a token to the Bubble app?
Thanks in advance for sharing your thoughts.
EDIT: there is another thread on this forum on using ADFS with Bubble using OAuth2 as a mechanism but I’m not sure it was resolved.
Unfortunately I can’t use it in my case because the way our VPN is configured, folks can be on random IP blocks so it’s hard to limit by IP range, but Ipiphy sounds like a great plugin! It would be an easy solution for folks who can limit by IP range.
Thank you so much for your explanation – it really did fill in the gaps in my knowledge and put me on the right track.
On that note, I stumbled on this (fairly new) Bubble plugin “Login With Microsoft” which works on the same principles. I created a new Application Registration in Azure Active Directory, copied some IDs and secrets over per instructions in the video, and it worked!