
 

🛠️ Azure AD OAuth Provider Overview

Azure Active Directory (Azure AD) supports secure sign-in with Microsoft accounts, based on OAuth 2.0 and OpenID Connect (OIDC).
Integrated with NextAuth.js, it enables authentication with enterprise accounts, organizational accounts, social accounts, and so on.


📦 Basic Configuration Example (pages/api/auth/[...nextauth].ts)

import NextAuth from "next-auth"
import AzureADProvider from "next-auth/providers/azure-ad"

export default NextAuth({
  providers: [
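    AzureADProvider({
      // process.env values are typed string | undefined; the casts satisfy the provider's types
      clientId: process.env.AZURE_AD_CLIENT_ID as string,
      clientSecret: process.env.AZURE_AD_CLIENT_SECRET as string,
      // If tenantId is undefined the provider falls back to the multi-tenant "common" endpoint
      tenantId: process.env.AZURE_AD_TENANT_ID,
    }),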
  ],
})

📑 Environment Variables (.env)

AZURE_AD_CLIENT_ID=your-client-id
AZURE_AD_CLIENT_SECRET=your-client-secret
AZURE_AD_TENANT_ID=your-tenant-id
NEXTAUTH_URL=http://localhost:3000
NEXTAUTH_SECRET=your-nextauth-secret

🌐 Azure AD Application Settings

  1. Sign in to the Azure portal
  2. Azure Active Directory → App registrations → New registration
  3. Redirect URI: http://localhost:3000/api/auth/callback/azure-ad
  4. Add API permissions:
    • Microsoft Graph → User.Read, User.ReadBasic.All
  5. Certificates & Secrets:
    • Issue a client secret
  6. Token Configuration:
    • Enable issuance of ID tokens and access tokens

🔄 Token Settings

Fetching user information

async function jwt({ token, account }) {
  if (account?.provider === "azure-ad") {
    token.accessToken = account.access_token
  }
  return token
}

Including it in the session

async function session({ session, token }) {
  // Everything on the session object is returned to the browser, including this token
  session.accessToken = token.accessToken
  return session
}

🧑‍💻 Example: Displaying User Information

import { useSession } from "next-auth/react"

export default function Profile() {
  const { data: session } = useSession()
  return (
    <>
      <p>Signed in as {session?.user?.name}</p>
      {/* Debug output only: this line prints the bearer token into the rendered page */}
      <p>Access Token: {session?.accessToken}</p>
    </>
  )
}

⚠️ Cautions

  • Login errors occur if the Azure AD tenant and client ID settings are not correct
  • You must use the OAuth 2.0 v2.0 endpoint.
  • Manage the client secret and tenant ID as environment variables to strengthen security

🔑 Additional Permission Settings

The following permissions can additionally be configured in Azure AD:

  • email: access to email information
  • profile: access to basic user information
  • offline_access: token refresh
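
The token settings above store only the access token, and the offline_access permission exists so that it can be renewed. The following is an added example (not from the original post or the NextAuth.js project) of a jwt callback that tracks expiry and redeems the refresh token at the tenant's v2.0 token endpoint. The helper names, the CONFIG placeholders and the error strings are assumptions, and it presumes offline_access was requested so that account.refresh_token is present.

```javascript
// Added example (not from the original post): refresh handling for a NextAuth.js jwt callback.
// CONFIG holds placeholders; helper names and error strings are illustrative assumptions.
const CONFIG = { tenantId: "your-tenant-id", clientId: "your-client-id", clientSecret: "your-client-secret" };
const SKEW_MS = 60_000; // refresh one minute before the access token expires

// Initial sign-in: keep the tokens inside the encrypted NextAuth JWT (server side).
function storeInitialTokens(token, account) {
  return {
    ...token,
    accessToken: account.access_token,
    refreshToken: account.refresh_token, // present only when offline_access was granted
    expiresAt: account.expires_at * 1000, // account.expires_at is in seconds since epoch
  };
}

// A missing or non-numeric expiry is treated as already expired.
function needsRefresh(token, nowMs) {
  return !Number.isFinite(token.expiresAt) || nowMs >= token.expiresAt - SKEW_MS;
}

// refresh_token grant against the tenant's OAuth 2.0 v2.0 token endpoint.
function buildRefreshRequest(token, cfg) {
  const url = `https://login.microsoftonline.com/${cfg.tenantId}/oauth2/v2.0/token`;
  const body = new URLSearchParams({
    grant_type: "refresh_token", client_id: cfg.clientId,
    client_secret: cfg.clientSecret, refresh_token: token.refreshToken,
  });
  return { url, body };
}

// Merge the response; keep the old refresh token if a new one was not returned.
function applyRefreshResponse(token, json, nowMs) {
  const refreshToken = json.refresh_token ?? token.refreshToken;
  return { ...token, accessToken: json.access_token, refreshToken, expiresAt: nowMs + json.expires_in * 1000 };
}

// jwt callback; fetchImpl and now are injectable so the logic can be tested offline.
async function jwt({ token, account }, fetchImpl = fetch, now = Date.now) {
  if (account?.provider === "azure-ad") return storeInitialTokens(token, account);
  if (!needsRefresh(token, now())) return token;
  if (!token.refreshToken) return { ...token, accessToken: undefined, error: "RefreshTokenMissing" };
  try {
    const { url, body } = buildRefreshRequest(token, CONFIG);
    const res = await fetchImpl(url, { method: "POST", body });
    if (!res.ok) throw new Error(`token endpoint returned ${res.status}`);
    return applyRefreshResponse(token, await res.json(), now());
  } catch {
    return { ...token, accessToken: undefined, error: "RefreshAccessTokenError" };
  }
}
```

Pass it as `callbacks: { jwt }` in the NextAuth options. On a failed refresh the access token is cleared and `token.error` is set, which the session callback can forward so the client triggers a new sign-in.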

 
