Creating Upstream ID Providers in the IIJ ID Service
- Click "System" and then "Upstream ID Provider Management."
- Click "Add New Upstream ID Provider."
Configure the settings using the following example and then click "Add Upstream ID Provider."
Option Description Comments Upstream ID provider name Example: Azure AD Authentication protocol OpenID Connect Client ID Configure "Application ID" with the correct value. Client secret Enter the "new password" generated under "Application secret." Claim to represent user identifiers preferred_username Authentication flow Select "Authorization Code Flow." Request scopes - openid
- profile
Endpoint settings Get data from the Discovery endpoint https://login.microsoftonline.com/{directory ID}/v2.0/.well-known/openid-configuration Refer to "Verifying Directory IDs" for more information on retrieving directory IDs.
Issuer identifier (issuer) (in accordance with the Discovery endpoint information) Authorization endpoint (authorization_endpoint) (in accordance with the Discovery endpoint information) Token endpoint (token_endpoint) (in accordance with the Discovery endpoint information) URL of the JSON Web Key Set (jwks_uri) (in accordance with the Discovery endpoint information) Userinfo endpoint (userinfo_endpoint) (in accordance with the Discovery endpoint information) - Copy the "Redirect URL" as it will be needed in the next procedure.
