Creating Upstream ID Providers in the IIJ ID Service
- Click "System" and then "Upstream ID Provider Management."
- Click "Add New Upstream ID Provider."
Configure the settings using the following example and then click "Add Upstream ID Provider."
Option Description Upstream ID provider name Example: AD FS 2016 Authentication protocol OpenID Connect Client ID Configure "Application ID" with the correct value. Client secret Configure "Application Secret" with the correct value. Claim to represent user identifiers upn Authentication flow Select "Authorization Code Flow." Request scopes openid Endpoint settings Get data from the Discovery endpoint https://<AD FS domain>/adfs/.well-known/openid-configuration Issuer identifier (issuer) (in accordance with the Discovery endpoint information) Authorization endpoint (authorization_endpoint) (in accordance with the Discovery endpoint information) Token endpoint (token_endpoint) (in accordance with the Discovery endpoint information) URL of the JSON Web Key Set (jwks_uri) (in accordance with the Discovery endpoint information) Userinfo endpoint (userinfo_endpoint) (in accordance with the Discovery endpoint information) - Copy the "Redirect URL" as it will be needed in the next procedure.