Microsoft Entra External ID

This section shows how to register an OIDC web application in the Microsoft Entra Admin Center. Registering the application yields the following three values, which are needed later when configuring the Datawiza Cloud Management Console (DCMC):

  • Client ID
  • Client Secret
  • Issuer

Get the Primary Domain and Tenant ID for Your Entra ID External Tenant

  1. Find the Tenant ID on the overview page of your tenant.

  2. Note down the issuer https://{tenant-id}.ciamlogin.com/{tenant-id}/v2.0, replacing {tenant-id} with your Tenant ID in both places.

App Registration in Entra ID External Tenant

  1. Choose App Registrations from the left sidebar and create a new registration by clicking New registration.

  2. Create an application as follows:

    • Name: e.g., Test App 1
    • Redirect URL: http://localhost:9772/datawiza/authorization-code/callback
    • Select Supported Account Types as Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox).
    • Click Register
    • Save the "Application ID" after you have successfully registered the application.
  3. In the same application you just created, choose Certificates & secrets from the left sidebar and create a new client secret by clicking New client secret.

    • Specify the default 6 months
    • Save the "Client Secret Value" after you have successfully created the new client secret.
  4. Choose API permissions from the left sidebar. User.Read should already be configured by default. Click Grant admin consent. Keep in mind that only an administrator can grant this permission.

Configure a User Flow in Entra ID External Tenant

  1. Select User flows and click New user flow.

  2. Enter the Name and keep everything else as default. Then click Create.

  3. In the same user flow you just created, select Applications.

  4. Add the target application to this user flow.

Summary

We have shown how to register a web application on Microsoft External ID. Make sure to save the following three values for later use in the Datawiza Cloud Management Console.

  • Application (client) ID
  • Client Secret
  • Issuer
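
A pre-flight check for the issuer and redirect URL before they are entered in DCMC. This is an added example, not code from Datawiza or Microsoft. The function names, the sample tenant ID and the sample discovery document are constructed for illustration, and the endpoint host check assumes the default ciamlogin.com domain shown above rather than a custom URL domain.

```python
import re
from urllib.parse import urlsplit

GUID_RE = re.compile(r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}")

def build_issuer(tenant_id: str) -> str:
    """Fill the page's issuer template; reject anything that is not a GUID."""
    tid = tenant_id.strip().lower()
    if not GUID_RE.fullmatch(tid):
        raise ValueError(f"not a tenant ID GUID: {tenant_id!r}")
    return f"https://{tid}.ciamlogin.com/{tid}/v2.0"

def discovery_url(issuer: str) -> str:
    """OIDC Discovery metadata location for an issuer."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def check_discovery(issuer: str, doc: dict) -> list:
    """Return the problems found in a fetched discovery document."""
    problems = []
    # OIDC Discovery requires an exact string match, trailing slash included.
    if doc.get("issuer") != issuer:
        problems.append("issuer mismatch")
    for key in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        url = urlsplit(doc.get(key, ""))
        # Assumption: default ciamlogin.com domain, no custom URL domain.
        if url.scheme != "https" or not (url.hostname or "").endswith(".ciamlogin.com"):
            problems.append(f"unexpected {key}")
    return problems

def redirect_uri_ok(uri: str) -> bool:
    """This check accepts plain http only for a loopback redirect such as the page's."""
    url = urlsplit(uri)
    if url.scheme == "https":
        return True
    return url.scheme == "http" and url.hostname in ("localhost", "127.0.0.1")

# Constructed sample values, not from a real tenant.
SAMPLE_TENANT = "11111111-2222-3333-4444-555555555555"
SAMPLE_ISSUER = build_issuer(SAMPLE_TENANT)
_BASE = f"https://{SAMPLE_TENANT}.ciamlogin.com/{SAMPLE_TENANT}"
SAMPLE_DOC = {
    "issuer": SAMPLE_ISSUER,
    "authorization_endpoint": f"{_BASE}/oauth2/v2.0/authorize",
    "token_endpoint": f"{_BASE}/oauth2/v2.0/token",
    "jwks_uri": f"{_BASE}/discovery/v2.0/keys",
}

if __name__ == "__main__":
    print(discovery_url(SAMPLE_ISSUER))
    print(check_discovery(SAMPLE_ISSUER, SAMPLE_DOC) or "discovery document OK")
    print(redirect_uri_ok("http://localhost:9772/datawiza/authorization-code/callback"))
```

In real use, pass `check_discovery` the JSON fetched from `discovery_url(issuer)` instead of the constructed sample.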