
Sitecore External User builder for Azure Active Directory Integration

Issue:

When we integrate an external identity provider, the default user domain is always Sitecore. We need a way to differentiate external users from Sitecore-based user logins in the User Manager.

Solution:

We can achieve this with a simple custom user builder that extends the default functionality. The implementation is similar to the default user builder, with some customization. The default builder creates a unique name from a hash with a maximum length of 10 and places all users in the Sitecore domain. In this implementation, I am using the email address, which is the default user name in Azure AD.

Comment out the default external user builder, Sitecore.Owin.Authentication.Services.DefaultExternalUserBuilder, in the config file located on the CM instance (App_Config\Include\IdentityProvider), and add the custom user builder in its place.

The full config is available here: https://bala.one/sitecore-10-identity-server-azure-ad/

Ensure the domain is added to the Sitecore Domain manager.

Ensure the domain name matches the one used in the code.
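The builder described above, written out as an added example (it is not the original post's code). The class name, namespace, the hard-coded `ad` constant and the choice of `ExternalLoginInfo.Email` as the source of the address are assumptions; the constructor and `CreateUniqueUserName` override are assumed to match the Sitecore 10 `DefaultExternalUserBuilder`, so check them against your version.

```csharp
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.Owin;
using Sitecore.Diagnostics;
using Sitecore.Owin.Authentication.Identity;
using Sitecore.Owin.Authentication.Services;
using Sitecore.SecurityModel.Cryptography;

namespace Example.Foundation.Identity // hypothetical namespace
{
    // Hypothetical class name. Extends the default builder so that everything
    // except the generated user name keeps its stock behaviour.
    public class AzureAdExternalUserBuilder : DefaultExternalUserBuilder
    {
        // Must match the domain created in the Sitecore Domain Manager.
        private const string ExternalDomain = "ad";

        public AzureAdExternalUserBuilder(
            ApplicationUserFactory applicationUserFactory,
            IHashEncryption hashEncryption)
            : base(applicationUserFactory, hashEncryption)
        {
        }

        protected override string CreateUniqueUserName(
            UserManager<ApplicationUser> userManager,
            ExternalLoginInfo externalLoginInfo)
        {
            Assert.ArgumentNotNull(userManager, nameof(userManager));
            Assert.ArgumentNotNull(externalLoginInfo, nameof(externalLoginInfo));

            // Assumption: the identity provider's claims include the email claim.
            string email = externalLoginInfo.Email?.Trim();

            // No usable email claim, or one containing the domain separator:
            // fall back to the default hashed name instead of creating an
            // ambiguous "domain\user" value.
            if (string.IsNullOrEmpty(email) || email.IndexOf('\\') >= 0)
            {
                return base.CreateUniqueUserName(userManager, externalLoginInfo);
            }

            // Fully qualified name: ad\user@example.com
            return ExternalDomain + "\\" + email.ToLowerInvariant();
        }
    }
}
```

Users that hit the fallback path keep the default hashed name in the provider's configured domain, so they remain visible in the User Manager as accounts that arrived without an email claim.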

Result

With this implementation, the user's domain is set to ad and the fully qualified name is prefixed with ad.

Ref:
For Sitecore Azure AD integration, please follow Derek's posts, which explain it in detail.
https://sitecore.derekc.net/tag/sitecore-identity/