How to Create a Microsoft Login Button Using PHP

Postado em - Última vez Modificado em

The basic intention of this article is to explain briefly the steps involved to create a Microsoft login button for your website. No one wants to fill out long form registrations on every website, so the idea is to connect to their existing logins like Microsoft, Gmail, Yahoo, Facebook, etc., and pull the profile information as authentication for your site.

In this tutorial, you will be creating a Microsoft application in your Microsoft account, and making a Web page on your server to communicate with the Microsoft application. The trick to this task is to use a special protocol called OAuth to act as the liaison between your website codes in PHP and the Microsoft Application.

Moving on to technical details, let’s get to know the three steps involved:

Step 1

Make a blank page on your Web server in the root or in any folder. Let’s name it “myredirect.php” for example .

Step 2

Create a Microsoft application by logging into your Microsoft account. Go to the applications page by clicking here.

Click on the "Create an Application" button. A form will open and you will have to fill in the following details - 

a)      Application name

b)      Language you wanted

c)       Click on the "I accept terms" button and it takes you to the next set of form details, where you will have to fill in the application name, logo and redirect URL. In the redirect URL just specify:

 (Or the folder included if you have not saved this file on the root folder)

When you save all the details, you'll get a client secret key and client ID to use in your code page. Make note of the secret key and the ID for future reference.

Step 3

On the login form page you have created, place a button to login through Microsoft. On the form post, click event, then copy and paste the following codes:

$myclient_id = "";

$myredirect_uri = "";                 

$myscopes = "wl.basic,wl.emails wl.signin,wl.offline_access ";

//coding to redirect to the Microsoft application just created.                    

header("Location: " . "" . $myclient_id . "&scope=" . $myscopes . "&response_type=token&redirect_uri=" . $myredirect_uri);


Add all scopes that you need for your website. The list of scopes can be referenced from: 

Make sure to fill the $myclient_id and the $myredirect_uri from the previously stored values.

Come back to myredirect.php and get the response from the redirect from login form. Take the following code from below and save it on myredirect.php.


  $myclient_id = "fill in your client id here";
  $client_secret = "fill in your secret key here";
  $redirect_uri = "redirect url place here";

  //$_GET["code"] is the authorization code
    //user is granted permission

    //get access token using the authorization code

    $url = "";
        $fields = array("client_id" => $myclient_id, "redirect_uri" => $myredirect_uri, "client_secret" => $myclient_secret, "code" => $_GET["code"], "grant_type" => "myauthorization_code");

        foreach($fields as $key=>$value) { $fields_string .= $key."=".$value."&"; }
        rtrim($fields_string, "&");

        $ch = curl_init();

        curl_setopt($ch,CURLOPT_URL, $url);
        curl_setopt($ch,CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded"));
        curl_setopt($ch,CURLOPT_POST, count($fields));
        curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);

        $result = curl_exec($ch);
        $result = json_decode($result);


    //this is the refresh token used to access Microsoft Live REST APIs
        $myaccess_token = $result->access_token;
//tokens expire every one hour so the below code is used to get new tokens then
        $myrefresh_token = $result->refresh_token;
    echo "An error occured";


Troubleshooting Note:

In case you happen to get an http response error while running the code, it just means the token has expired. In such cases, copy the code below to your myredirect.php page.

function new_access_token($refresh_token)
    $myurl = "";
    $myfields = array("client_id" => $myclient_id, "redirect_uri" => $my_uri, "client_secret" => $myclient_secret, "grant_type" => "refresh_token", "refresh_token" => $myrefresh_token);

    foreach($myfields as $mykey=>$myvalue) { $my_string .= $mykey."=".$myvalue."&"; }
    rtrim($my_string, "&");

    $chcurling = curl_init();

    curl_setopt($chcurling,CURLOPT_URL, $myurl);
    curl_setopt($chcurling,CURLOPT_HTTPHEADER, array("Content-Type: application/x-www-form-urlencoded"));
    curl_setopt($chcurling,CURLOPT_POST, count($myfields));
    curl_setopt($chcurling,CURLOPT_POSTFIELDS, $my_string);

    $myresult = curl_exec($chcurling);
    $myresult = json_decode($result);


    $myaccess_token = $result->access_token;

    return $myaccess_token;
With the access token received, you can pull any information from Microsoft. To pull all user profile information, use the following code:

echo file_get_contents("" . $myaccess_token);

Check the link below for all the REST API calls that you can make to Microsoft:

Postado 6 dezembro, 2014



************ TOP 5 WOMEN FREELANCERS *********************** About ME ************* DN Infoway is an offshore outsourcing company providing round-the-clock services to customers. We are a small team of 10 people, 7 coders and 3 designers. We offer round the clock services in web design and developmen...

Próximo Artigo

JavaScript Text Editors to Try