How to connect spring boot with Azure AD using a non-organizational account?

edit

1. First, create an Azure AD application in the Azure portal. Follow the documentation for more detailed instructions on how to do this.

2. Once your Azure AD application is created, note the application ID and tenant ID as you will need these values later.

3. Configure your Spring Boot application by adding the following dependencies to your pom.xml file:

<dependency>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-security</artifactId>
</dependency>

<dependency>
  <groupId>org.springframework.security</groupId>
  <artifactId>spring-security-oauth2-client</artifactId>
</dependency>

<dependency>
  <groupId>org.springframework.security</groupId>
  <artifactId>spring-security-oauth2-jose</artifactId>
</dependency>

<dependency>
  <groupId>com.microsoft.azure</groupId>
  <artifactId>azure-active-directory-spring-boot-starter</artifactId>
  <version>2.2.0</version>
</dependency>

1. Next, add the following properties to your application.properties file:

spring.security.oauth2.client.registration.azure.client-id=<application ID>
spring.security.oauth2.client.registration.azure.client-secret=<client secret>
spring.security.oauth2.client.registration.azure.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.azure.redirect-uri=<redirect URI>
spring.security.oauth2.client.provider.azure.authorization-uri=https://login.microsoftonline.com/<tenant ID>/oauth2/v2.0/authorize
spring.security.oauth2.client.provider.azure.token-uri=https://login.microsoftonline.com/<tenant ID>/oauth2/v2.0/token

1. Replace the placeholders (<application id="">, <client secret="">, <redirect uri="">, <tenant id="">) with the values you noted earlier.

2. Finally, start your Spring Boot application and try accessing a secured endpoint. You should be redirected to the Azure AD login page and once authenticated, be granted access to the secured endpoint.