I would be greatly appreciative if anybody has any thoughts/ideas on how to go about setting up SSO for customer community using Azure AD. We do not need the ability to register users in the community but the directory of permitted users is kept in Azure AD. I have tried the standard Salesforce application but that doesn't work. I have set up a custom app in Azure but not sure why I need to define a registration handler in SFDC and what form it should take... Any assistance would be greatly received (by me and many others, I expect).
An Auth Provider Registration Handler auto-magically creates the user and associated authorization bits during the OpenID Connect (or other protocol) flow. It is required in order to set up such an SSO experience.
That said, an Auth Provider Registration Handler IS NOT the same thing as enabling self-registration on a Community. You do not have to enable it and your users will not have to manually register.
In the case where you have created the accounts in Communities already, then all you need to do is ensure that the Create method of the Auth Provider registration handler returns the existing user. This implies that Azure AD is sending enough data over that you can use something (such as email) to match the inbound identity to a pre-created user record.
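A registration handler along the lines described in the answer above, added here as an example and not part of the original thread. The class name `ExistingUserRegHandler` and its exception type are hypothetical, and it assumes Azure AD sends an email claim and that pre-created community users are matched on `User.Email`.

```apex
// Added example: link an inbound Azure AD identity to a pre-created
// community user instead of provisioning a new one.
global class ExistingUserRegHandler implements Auth.RegistrationHandler {

    // Hypothetical exception type used to abort the login flow.
    global class RegHandlerException extends Exception {}

    // Called on first login through the Auth Provider. Returning a User
    // that already has an Id links the external identity to that record.
    global User createUser(Id portalId, Auth.UserData data) {
        // Fail closed if the identity provider sent nothing to match on.
        if (data == null || String.isBlank(data.email)) {
            throw new RegHandlerException('No email received from the identity provider.');
        }

        // Assumption: match on email. ContactId != null restricts the match
        // to community (external) users, so an inbound identity can never be
        // linked to an internal user that happens to share the address.
        List<User> matches = [
            SELECT Id
            FROM User
            WHERE Email = :data.email
              AND IsActive = true
              AND ContactId != null
            LIMIT 2
        ];

        // Zero matches: the user was not pre-created, so no access.
        // Two matches: ambiguous, so refuse rather than guess.
        if (matches.size() != 1) {
            throw new RegHandlerException('No unique community user for this identity.');
        }
        return matches[0];
    }

    // Called on later logins. The directory of record is Azure AD and the
    // Salesforce user is managed separately, so nothing is overwritten here.
    global void updateUser(Id userId, Id portalId, Auth.UserData data) {
    }
}
```

Matching on email is only as trustworthy as the claim the identity provider sends, so the handler refuses to log anyone in when the match is missing or ambiguous.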