Creating Upstream ID Providers in the IIJ ID Service

  1. Click "System" and then "Upstream ID Provider Management."


  2. Click "Add New Upstream ID Provider."


  3. Configure the settings using the following example and then click "Add Upstream ID Provider."

    OptionDescription
    Upstream ID provider nameExample: AD FS 2016
    Authentication protocolOpenID Connect
    Client IDConfigure "Application ID" with the correct value.
    Client secretConfigure "Application Secret" with the correct value.
    Claim to represent user identifiersupn
    Authentication flowSelect "Authorization Code Flow."
    Request scopesopenid
    Endpoint settingsGet data from the Discovery endpointhttps://<AD FS domain>/adfs/.well-known/openid-configuration
    Issuer identifier (issuer)(in accordance with the Discovery endpoint information)
    Authorization endpoint (authorization_endpoint)(in accordance with the Discovery endpoint information)
    Token endpoint (token_endpoint)(in accordance with the Discovery endpoint information)
    URL of the JSON Web Key Set (jwks_uri)(in accordance with the Discovery endpoint information)
    Userinfo endpoint (userinfo_endpoint)(in accordance with the Discovery endpoint information)
  4. Copy the "Redirect URL" as it will be needed in the next procedure.