Retrieving OpenID Connect information in Azure Active Directory

This tutorial guides you on how to retrieve the necessary information for configuring an OpenID Connect (OIDC) application with Azure Active Directory. Follow the steps below to obtain the Client ID, Client Secret, and essential endpoints used in OIDC authentication.

Prerequisites

  • Access to the Azure Portal with administrative permissions.

  • An OIDc-registered application within Azure Active Directory.

Steps

1. Access the Azure Portal

Visit the Azure Portal and log in with your credentials.

2. Navigate to Azure Active Directory

In the side menu of the Azure Portal, click on Azure Active Directory. This section allows you to manage your identity and access configurations.

3. Go to App Registrations

Within Azure Active Directory, find and click on App registrations. Here you will see a list of all registered applications.


4. Select Your Application

Locate and select the application that you have configured for OIDC. This will open the configuration page of the application.

5. Configure Authentication

Inside the application's configuration page, navigate to the Authentication section.

In the Web platform settings, find the Redirect URIs. Here, you will need to add or update the redirect URI provided by your team. For example, you might add a URI similar to "https://botdoc-domain.us.auth0.com/login/callback".

Ensure this URI is entered exactly: it is critical to the security and functionality of the OIDC flow, because it specifies where Azure sends responses after authentication.


6. Retrieve the Client ID

On the application overview page, you will find the Application (client) ID. Note this ID as it is your Client ID.

7. Obtain the Client Secret

To view or create a new client secret:

  • Click on Single sign-on → Go to application.

  • Click on Certificates & secrets.

  • To generate a new secret, click on New client secret.

  • Provide a description and choose the duration of the secret.

  • Once created, note down the value of the secret immediately as it will not be shown again.

8. Authorization and Token Endpoints

To find the necessary endpoints, click on Endpoints at the top of the application page.

A list of endpoints will appear. Here, you will find all necessary URLs for the OIDC setup, including:

  • OAuth 2.0 authorization endpoint (v2)

  • OAuth 2.0 token endpoint (v2)

  • OpenID Connect metadata document (this URL returns a JSON document that contains, among other values, the issuer and the jwks_uri; you can download it or access it directly).
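As an added example (not part of this tutorial and not Microsoft code), the following Python script shows what to do with the metadata document from step 8 before pasting its values into an SSO configuration: it parses the JSON, extracts the issuer, the two v2 endpoints and the jwks_uri, and refuses documents that are incomplete, not served over HTTPS, or issued for a tenant other than the one you expect. The tenant id, the sample document and the function names are constructed for the example; the URL shapes follow the v2 endpoints listed on the Endpoints blade.

```python
import json
import urllib.request
from urllib.parse import urlparse

# Constructed placeholder tenant id; replace with your Directory (tenant) ID.
TENANT_ID = "00000000-0000-0000-0000-000000000000"
AUTHORITY = f"https://login.microsoftonline.com/{TENANT_ID}"

# Constructed sample of the v2 metadata document, reduced to the keys used
# below. A real document carries many more fields.
SAMPLE_METADATA = json.dumps({
    "issuer": f"{AUTHORITY}/v2.0",
    "authorization_endpoint": f"{AUTHORITY}/oauth2/v2.0/authorize",
    "token_endpoint": f"{AUTHORITY}/oauth2/v2.0/token",
    "jwks_uri": f"{AUTHORITY}/discovery/v2.0/keys",
    "id_token_signing_alg_values_supported": ["RS256"],
})

REQUIRED_KEYS = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri")


def fetch_metadata(metadata_url: str, timeout: float = 10.0) -> str:
    """Download the metadata document shown under Endpoints (network call;
    the offline demo below uses SAMPLE_METADATA instead)."""
    with urllib.request.urlopen(metadata_url, timeout=timeout) as resp:
        return resp.read().decode("utf-8")


def validate_metadata(metadata_json: str, expected_tenant: str) -> list:
    """Return a list of problems found in the document; an empty list means
    the document is complete, HTTPS-only and issued for the expected tenant."""
    problems = []
    try:
        doc = json.loads(metadata_json)
    except json.JSONDecodeError as exc:
        return [f"metadata is not valid JSON: {exc}"]
    if not isinstance(doc, dict):
        return ["metadata is not a JSON object"]
    for key in REQUIRED_KEYS:
        value = doc.get(key)
        if not isinstance(value, str):
            problems.append(f"missing or non-string field: {key}")
        elif urlparse(value).scheme != "https":
            # Endpoints and the signing-key set must only be reached over TLS.
            problems.append(f"{key} is not an https URL: {value}")
    # Azure AD v2.0 issuers are tenant-specific. Pinning the expected tenant
    # lets the relying party reject id_tokens whose 'iss' claim names any
    # other tenant.
    expected_issuer = f"https://login.microsoftonline.com/{expected_tenant}/v2.0"
    if doc.get("issuer") != expected_issuer:
        problems.append(f"issuer {doc.get('issuer')!r} != expected {expected_issuer!r}")
    algs = doc.get("id_token_signing_alg_values_supported", [])
    if "none" in algs:
        problems.append("metadata advertises the unsigned 'none' algorithm")
    return problems


def extract_oidc_settings(metadata_json: str, expected_tenant: str) -> dict:
    """Return the values the SSO configuration needs, or raise if validation fails."""
    problems = validate_metadata(metadata_json, expected_tenant)
    if problems:
        raise ValueError("; ".join(problems))
    doc = json.loads(metadata_json)
    return {key: doc[key] for key in REQUIRED_KEYS}


if __name__ == "__main__":
    # Offline demo on the constructed sample. For the live document, call
    # fetch_metadata(f"{AUTHORITY}/v2.0/.well-known/openid-configuration")
    # and pass its result instead of SAMPLE_METADATA.
    for key, value in extract_oidc_settings(SAMPLE_METADATA, TENANT_ID).items():
        print(f"{key:24} {value}")
```

The script keeps the Client ID and Client Secret out of the picture on purpose: those come from steps 6 and 7 and belong in your secret store, whereas the discovery values above are public and only need to be checked for integrity and tenant before use.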

By following these steps, you will be able to retrieve all the necessary information for configuring and operating SSO with OIDC in your Microsoft Azure application.