Microsoft Entra IDP Setup

Register an OIDC App in Microsoft Entra ID

Here's how to register an application in Microsoft Entra ID for OpenID Connect (OIDC):

1. Log in to Azure Portal: Navigate to and sign in with your Azure account.

2. Navigate to App Registrations: Go to Microsoft Entra ID > App registrations > + New registration.

3. Register the Application:

   • Name: Enter a descriptive name for your application (e.g., Telmai-OIDC-App).

   • Supported account types: Choose the option that aligns with your organization's policies. Typically, "Accounts in this organizational directory only" is selected.

   • Redirect URI: Enter the redirect URI provided by Telmai. This will likely follow the format: https://<your-telmai-instance>.okta.com/oauth2/v1/authorize/callback. Please confirm the exact redirect URL with Telmai.

4. Post Registration Configuration: Once the app is created, open its overview page.

   • Retrieve Application (client) ID and Directory (tenant) ID: Copy and securely store these IDs. You will need them later.

   • Create a Client Secret:

     • Go to Certificates & Secrets > + New client secret.

     • Add a description for the secret and choose an expiration timeframe.

     • Click Add.

     • Copy the Value of the newly created client secret immediately. This value will not be shown again.

5. Construct the Well-known Configuration URL: Use the following format, replacing <TENANT_ID> with the Directory (tenant) ID you copied earlier:

   Copy

   https://login.microsoftonline.com/<TENANT_ID>/.well-known/openid-configuration

6. Assign API Permissions to the App:

   • Under API permissions, click + Add a permission.

   • Select Microsoft Graph > Delegated permissions.

   • Search for and add the following permissions:

     • openid

     • profile

     • offline_access

   • Click Add permissions.

   • Finally, click Grant admin consent for your tenant.