Hi Vishal

This is possible and well documented.

However, the names and versions have changed in the documentation. For instance, the documentation mentions Entra ID, which is the new name for Azure AD. And it mentions CMS 11, but CMS 9 is basically the same in this regard.

You can use the sample code pretty much as-is. But be prepared for some things to work differently. One thing, consider using the Authorization Code flow, instead of the implicit flow. That will be safer. I would also keep ValidateIssuer at default, instead of false.

Hi Stefan,

Thank you for the response. 1 more question: Will we be able to integrate AZURE AD with our asp.net web form based application. O was going through the documentation that you shared, and it expects configuratio code to be written in startup class. As ours in ASP.NET web form application, I dont think we can have startup call as startup class was introduced in MVC and .NET core.

Can you please suggest how we can integrated the code in web form.

The startup class is an OWIN feature, not a Web Forms feature. And, as I recall it, CMS 9 is technically a mix of MVC and Web Forms.

So you can introduce OWIN, with OpenID Connect. But you will then be turning off Forms Authentication. Meaning, you can not use mixed-mode authentication (where customers log in using username/password), unless you migrate Forms Authentication to ASP.Net Identity. But maybe you don't have such requirements.

You will just do as documented. Whenever the CMS requires authentication, it will invoke the OWIN authentication instead of the Forms Authentication.

And for the LogoutPath, in the documentation, use /Util/Logout.aspx, instead of /logout.