Skip to main content

Sign-in users to your Django Web app with Azure Active Directory.

Project description

Django Azure Active Directory Sign-In

Django 4.0.6 Donate with PayPal License BSD 3-Clause Code style: black Build Follow JV conseil – Internet Consulting on Twitter

Sign-in users to your Django Web app with Azure Active Directory.


django-azure-active-directory-signin is a Django app which wraps the great MSAL package to enable authentication against Microsoft's Azure Active Directory in Django projects.

Sign-in users to your Django Web app with Azure Active Directory

The app includes login, logout and callback authentication views, a decorator to protect individual views, and middleware which allows the entire site to require user authentication by default, with the ability to exempt specified views.

This project is in no way affiliated with Microsoft.


From PyPi:

pip install django-azure-active-directory-signin


Azure App Registration setup

  • Register an app at
  • Add a client secret and note it down.
  • Complete the Redirect URI list:
    • https://<your-domain>/azure-signin/callback
    • https://localhost:8000/azure-signin/callback


Add the following to your, replacing the variables in braces with the values from your Azure app:


    "CLIENT_ID": os.environ.get("CLIENT_ID"),
    "CLIENT_SECRET": os.environ.get("CLIENT_SECRET"),
    "TENANT_ID": os.environ.get("TENANT_ID"),
        ("employeeNumber", "employee_id"),
        ("affiliationNumber", "omk2"),
    "REDIRECT_URI": "https://<domain>/azure_signin/callback",  # Optional
    "SCOPES": ["User.Read.All"],  # Optional
    "AUTHORITY": "<tenant id>",  # Optional Or if multi-tenant
    "LOGOUT_REDIRECT_URI": "https://<domain>/logout",  # Optional
    "PUBLIC_URLS": ["<public:view_name>",]  # Optional, public views accessible by non-authenticated users


LOGIN_URL = "azure_signin:login"
LOGIN_REDIRECT_URL = "/" # Or any other endpoint

Note: You should obfuscate the credentials by using environment variables

Installed apps

Add the following to your INSTALLED_APPS:


Authentication backend

Configure the authentication backend:


Can be subclassed to cutomize validation rules for users.

import logging

from azure_signin.backends import AzureSigninBackend

logger = logging.getLogger(__name__)

class CustomAzureSigninBackend(AzureSigninBackend):
    "Subclass AzureSigninBackend to cutomize validation rules for users."

    def is_valid_user(self, user: dict, *args, **kwargs) -> bool:
        output = super().is_valid_user(user, *args, **kwargs):
            "run extra tests here..."
        except Exception as e:
        logger.debug("is_valid_user: %s", output)
        return output


Include the app's URLs in your urlpatterns:

from django.urls import path, include

urlpatterns += [
    path("azure-signin/", include("azure_signin.urls", namespace="azure_signin")),



To make user authentication a requirement for accessing an individual view, decorate the view like so:

from azure_signin.decorators import azure_signin_required
from django.shortcuts import HttpResponse

def protected_view(request):
    return HttpResponse("A view protected by the decorator")


If you want to protect your entire site by default, you can use the middleware by adding the following to your


Make sure you add the middleware after Django's session and authentication middlewares so that the request includes the session and user objects. Public URLs which need to be accessed by non-authenticated users should be specified in the settings.AZURE_SIGNIN["PUBLIC_URLS"], as shown above.


This app is heavily inspired by and builds on functionality in, with both feature improvements and code assurance through testing.

Readings 📚

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Built Distribution

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page