Since Squidex/squidex-identity: Identity Server for Squidex Headless CMS has been archived, I searched the documentation and support but didn’t find an answer to this.
I could see the Auth0 provider as a custom social to add Squidex, but it is a commercial product, and I also want to use Auth.js. Do we have anyone who has implemented it?
Sorry, I have missed your topic. Squidex Identity was more like auth0 itself. But if you are self hosting you can integrate auth0 as external identity provider: squidex/backend/src/Squidex/appsettings.json at master · Squidex/squidex · GitHub
When you create a team you can also configure a custom authentication provider:
On te login screen, people can enter their email adress and if it matches to your domain, they will be redirected to your auth provider.
I tried to configure OIDC in the Squidex team, but I met some errors:
AADSTS50011: The redirect URI ‘Squidex Headless CMS’ specified in the request does not match the redirect URIs configured for the application ‘65d2d93a-1f1e-40a8-b657-b5cf3050bf67’. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to Error AADSTS50011 the redirect URI does not match the redirect URIs configured for the application | Microsoft Learn to learn more about how to fix this.
My Azure AD B2C App
clientID: 65d2d93a-1f1e-40a8-b657-b5cf3050bf67
Configure Redirect URL https://cloud.squidex.io/identity-server/signin-74d5109e-7ce7-4aad-9b7b-79078e8905d8
After reading New Feature “Users” - #4 by Sebastian , I still have no idea how to resolve the SSO login.
Could we make an example to demonstrate this best practice to supplement the documentation on this aspect?
Have you configured this redirect URL in azure AD? Perhaps you can tell it to provide details so that you can see the actual URL in case it does not match.
Already configured. This does not influence.
Oh, man, we have a six-hour time difference.
And I think this is not my private problem; this should be a public problem.
Shall we make an example to demonstrate them, as I said before Let’s make an example to clarify or advance this discussion. 
.
I want to promote the better development of the Squidex community.
By the way, I have built a custom loader: starsquid brings Squidex to Astro.
Totally agree, but I think it would be easier to solve the problem first and then create an article in the docs for that.
Nice. I will think about how to promote it better.
Btw: If you inspect the network calls, you will also see the redirect URL in the query string when the redirect is made the AD.
Could you test it for yourself first?
I saw Azure AD (OAuth) with Squidex, but I think this article could be improved.
You can do some steps like this:
The article is not directly relevant. It is not for teams. I have tested it with auth0 though. Can you please check the redirect URL or tell me which domain you have configured?
I mean the outgoing redirect URL. the one that is attached to the URL when the browser makes a redirect to azure AD
What I have seen is that the actually URL sent to AD is just https://cloud.squidex.io/signin-[ID] … can you try that? But in general you cannot register outlook as a domain, it probably works and there should be a better validation, but it is not the best idea.
Do you mean test button URL?
Maybe, but I choose that all Microsoft accounts(Company account or personal account) can be registered.
Sorry, there was a formatting issue with the forum…
When Squidex makes a request to the identity server, it adds the redirect URL to as query.
The actual redirect URL that is added is
https://cloud.squidex.io/signin-[YOUR_TEAM_ID]But the UI shows
https://cloud.squidex.io/identity-server/signin-[YOUR_TEAM_ID]
which is very likely a bug. So I would just add it to the actual redirect URL and try that.