Use TFP as External Authentication Method for Microsoft Entra ID
In this use case, you configure the platform as an external authentication method for Microsoft Entra ID (formerly Azure AD) using OIDC.
Goals
Enable your users to use the platform as an external authentication method for MFA purposes.
Prerequisites
Task 1: Create an application
Create a new OIDC Web App (Human Identities > Applications > OpenID Connect) with the following config:
{
  "client_id": "auto-generated",
  "client_name": "Your External Authentication Method Displayname",
  "redirect_uris": [
    "https://login.microsoftonline.com/common/federation/externalauthprovider"
  ],
  "subject_type": "public",
  "grantType": "implicit",
  "response_type": "id_token",
  "response_mode": "form_post",
  "token_endpoint_auth_method": "none",
  "id_token_signed_response_alg": "RS256",
  "scope": "openid",
  "claims_supported": [
    "email"
  ]
}
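To confirm that a saved copy of the application config still matches the values above, a check like the following can be run over the JSON. It is an added example, not part of the platform or of Microsoft's tooling; the function name `audit_app_config` and the drifted sample are constructed for illustration.

```python
import json

# Expected values, copied from the application config on this page.
EXPECTED = {
    "subject_type": "public",
    "grantType": "implicit",
    "response_type": "id_token",
    "response_mode": "form_post",
    "token_endpoint_auth_method": "none",
    "id_token_signed_response_alg": "RS256",
    "scope": "openid",
}
ENTRA_REDIRECT = "https://login.microsoftonline.com/common/federation/externalauthprovider"

def audit_app_config(raw: str) -> list[str]:
    """Return deviations from the config on this page (empty list = match)."""
    try:
        cfg = json.loads(raw)
    except json.JSONDecodeError as exc:
        # Strict JSON rejects unterminated strings and trailing commas.
        return [f"invalid JSON: {exc.msg} (line {exc.lineno})"]
    if not isinstance(cfg, dict):
        return ["invalid config: top level is not a JSON object"]
    findings = [
        f"{key}: expected {want!r}, found {cfg.get(key)!r}"
        for key, want in EXPECTED.items() if cfg.get(key) != want
    ]
    # No client authentication is configured (token_endpoint_auth_method is
    # "none"), so the registered redirect URI is what restricts where the
    # ID token is delivered: allow the Entra ID callback and nothing else.
    uris = cfg.get("redirect_uris", [])
    if ENTRA_REDIRECT not in uris:
        findings.append("redirect_uris: Entra ID callback missing")
    findings += [f"redirect_uris: unexpected entry {u!r}"
                 for u in uris if u != ENTRA_REDIRECT]
    if "email" not in cfg.get("claims_supported", []):
        findings.append("claims_supported: 'email' missing")
    return findings

# Constructed sample: unsigned ID tokens and a second redirect URI.
SAMPLE_DRIFTED = json.dumps({
    **EXPECTED,
    "id_token_signed_response_alg": "none",
    "redirect_uris": [ENTRA_REDIRECT, "https://example.test/callback"],
    "claims_supported": ["email"],
})

if __name__ == "__main__":
    for finding in audit_app_config(SAMPLE_DRIFTED):
        print(finding)
```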
Task 2
The next task is to prepare Microsoft Entra ID to serve as a Relying Party (RP) and use the created OpenID Provider (OP) as an external authentication method.
Next Steps
Enroll users into MFA in the platform