How To Set Up Your Own Microsoft App (OpenID Connect)
Log in to the your Azure Portal:
Go to Azure Active Directory, and then go to App Registrations.
Click New Registration
- Enter a name for your application (we recommend using your organization name)
- Select Single Tenant for the supported account types.
- Set the Redirect URI to:
Note: For the Microsoft Enterprise Provider, please ensure that the account type is Single Tenant. This restricts login to your domain only, whereas “Multitenant” will allow any Microsoft user to log in.
- Click Register. After the application is created, take note of the Client ID
- Click on Endpoints, and copy down the following:
- OAuth 2.0 authorization endpoint (v2)
- OAuth 2.0 token endpoint (v2)
- Click on Certificates & Secrets, and then click on New client secret, name the description, set your desired expiry, and then click Add
- Your Secret value will be generated automatically, and you must copy this Secret value down immediately; the value will be hidden forever if you navigate away from the page, so you must regenerate a new one if the value is lost
- Go to logonlabs.com
- Click Sign In and authenticate (or Sign Up make a new account and authenticate)
- Navigate to Default Rules (or Domain Rules and open/create a domain module)
- Click on the Microsoft button under Enterprise Identity Providers
- Choose OpenID Connect.
- Click Add.
- Enter a name.
- Enter a description (optional).
- Enter the OAuth 2.0 Authorization Endpoint (v2) value from the Endpoints page in Azure.
- Enter the OAuth 2.0 Token Endpoint (v2) value from the Endpoints page in Azure.
- Enter the Application (client) ID from the Overview page in Azure.
- Enter the Client Secret that you generated and saved above.
- Click Add
- Enable Microsoft by clicking the new entry in the Microsoft Identity Providers list
What is Microsoft ID? Using SSO with Microsoft Accounts
How To Set Up Your Own Okta App (SAML)