Collaborator

@paskal paskal commented Feb 10, 2026

Summary

  • Add MicrosoftTenant field to provider.Params and AddMicrosoftProvider method to auth.Service
  • Allows single-tenant Entra ID (Azure AD) applications to specify their tenant instead of the hardcoded common endpoint
  • Defaults to "common" when no tenant is specified, preserving full backwards compatibility
  • Changes applied to both v1 and v2

Contributes to umputun/remark42#1998

Add MicrosoftTenant field to provider.Params and AddMicrosoftProvider
method to auth.Service, allowing single-tenant Entra ID applications
to specify their tenant instead of the hardcoded "common" endpoint.

Fixes umputun/remark42#1998
@paskal paskal marked this pull request as ready for review February 10, 2026 23:43
@paskal paskal requested a review from umputun as a code owner February 10, 2026 23:43

coveralls commented Feb 10, 2026

Pull Request Test Coverage Report for Build 21887694868

Details

  • 19 of 19 (100.0%) changed or added relevant lines in 2 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.6%) to 84.247%

Totals Coverage Status
Change from base Build 21151982006: 0.6%
Covered Lines: 2706
Relevant Lines: 3212

💛 - Coveralls

paskal added a commit to umputun/remark42 that referenced this pull request Feb 10, 2026
Add AUTH_MICROSOFT_TENANT env var to allow configuring the Azure AD
tenant for single-tenant Entra ID applications, which cannot use the
default /common endpoint.

Depends on go-pkgz/auth#266

Closes #1998
Member

umputun commented Feb 10, 2026

clean, minimal change - does what it says. CI green, 100% coverage on changed lines, v1/v2 consistent.

two things worth considering:

  1. tenant validation - the value goes directly into microsoft.AzureADEndpoint(tenant) which concatenates it into URLs like https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize. since it's server-side config the risk is low, but basic validation (reject /, .., ?, #, whitespace) would be cheap insurance. up to you whether it's worth it.

  2. AddMicrosoftProvider + UserAttributes - the new method creates empty UserAttributes. if someone needs both custom tenant and user attributes, they'd have to construct provider.Params manually. not a blocker, just noting the gap.

otherwise LGTM
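
One way to implement the validation suggested in the review comment above, as an added example that is not code from this pull request or from go-pkgz/auth. `validateTenant`, `authorizeURL` and `endpointIntact` are hypothetical names, and the sample tenant values are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
	"unicode"
)

// validateTenant is a hypothetical helper, not the go-pkgz/auth implementation.
// Empty input falls back to "common", the default described in the PR summary.
func validateTenant(tenant string) (string, error) {
	if tenant == "" {
		return "common", nil
	}
	if strings.Contains(tenant, "..") || strings.ContainsAny(tenant, "/?#") {
		return "", errors.New("tenant contains URL path, query or fragment characters")
	}
	if strings.IndexFunc(tenant, unicode.IsSpace) >= 0 {
		return "", errors.New("tenant contains whitespace")
	}
	return tenant, nil
}

// authorizeURL concatenates the tenant into the URL shape quoted in the review.
func authorizeURL(tenant string) string {
	return "https://login.microsoftonline.com/" + tenant + "/oauth2/v2.0/authorize"
}

// endpointIntact reports whether the concatenated URL still parses to the four
// expected path segments (tenant first) with no query string or fragment.
func endpointIntact(tenant string) bool {
	u, err := url.Parse(authorizeURL(tenant))
	if err != nil {
		return false
	}
	segs := strings.Split(strings.TrimPrefix(u.Path, "/"), "/")
	return len(segs) == 4 && segs[0] == tenant && u.RawQuery == "" && u.Fragment == ""
}

func main() {
	// Constructed sample values: one default, one well-formed, the rest malformed.
	for _, t := range []string{"", "contoso.onmicrosoft.com", "a/b", "../x", "t?x=1", "t#f", "bad tenant"} {
		v, err := validateTenant(t)
		fmt.Printf("%q -> %q err=%v\n", t, v, err)
	}
}
```

Running the validation once at startup, before the value reaches the endpoint constructor, turns a mistyped tenant into a configuration error instead of a malformed authorize URL.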

Member

@umputun umputun left a comment

LGTM, thx for adding the validation

@umputun umputun merged commit fbba7f2 into master Feb 11, 2026
9 checks passed
@umputun umputun deleted the configurable-microsoft-tenant branch February 11, 2026 00:31
paskal added a commit to umputun/remark42 that referenced this pull request Feb 11, 2026
Add AUTH_MICROSOFT_TENANT env var to allow configuring the Azure AD
tenant for single-tenant Entra ID applications, which cannot use the
default /common endpoint.

Depends on go-pkgz/auth#266

Closes #1998