Configuring OpenID Connect Application Federation Settings

This section describes how to configure OpenID Connect application federation settings.

  1. Click "Application" and then "Application Management."


  2. Click "Edit" for OpenID Connect Application.

  3. Click "Federation."

  4. Enter each item and then click "Update."

    Term Description
    Discovery endpoint

    Obtains information on the OpenID provider.

    [ Reference ]

    When Display Customization is enabled, use the following as the URL for the Authorization endpoint.

    • https://www.auth.iij.jp/op/authorization?tenant_hint=<Subdomain name of the URL that enables Display Customization>

    Client ID

    Client ID for applications

    Client Secret

    Client Secret for applications

    Default scopes

    To skip the authorization screen during logins, select the appropriate scopes.

    If every scope in an RP's authentication request is included in the default scopes, the authorization screen is skipped.

    * Authorization is the method by which users authorize their personal data to be provided to applications. Because the default scopes are designed with the assumption that administrators manage user data, the authorization screen can be skipped.

    Application top page URL

    Enter the URL that should be accessed when a user clicks on the corresponding icon in My Applications.

    Redirect URLs

    Enter the URL(s) allowed as the value of the redirect_uri parameter in authorization requests.

    * To configure multiple redirect URLs, click "+ Add Redirect URL" to add another input field for an additional URL.

    * The https scheme must be specified to use Implicit Flow. We recommend that you use the https scheme if using Authorization Code Flow.

    [ Reference ]

    The OpenID Connect ID provider information required for a federation with external services is displayed on the “Federation” tab.
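
As an added example (not part of the original documentation and not IIJ's code), the following Python sketch checks an RP's authorization request against the Redirect URLs and Default scopes settings described above. It assumes exact string matching of redirect_uri and treats any response_type containing id_token or token as Implicit Flow; the URLs, scope sets and the preflight function name are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample settings, standing in for the values entered on the Federation tab.
REGISTERED_REDIRECTS = ["https://rp.example.jp/callback", "http://localhost:8080/callback"]
DEFAULT_SCOPES = {"openid", "profile", "email"}


def preflight(request, registered_redirects, default_scopes):
    """Check one authorization request; return (errors, warnings, consent_skipped)."""
    errors, warnings = [], []
    redirect_uri = request["redirect_uri"]
    response_types = set(request["response_type"].split())
    scopes = set(request["scope"].split())

    # Assumption: the OP compares redirect_uri by exact string match, so a
    # trailing slash or different case in the path counts as a different URL.
    if redirect_uri not in registered_redirects:
        errors.append("redirect_uri is not a registered Redirect URL")

    # Assumption: any response_type that returns id_token/token through the
    # browser is treated as Implicit Flow, where https is mandatory.
    implicit = bool(response_types & {"id_token", "token"})
    if urlsplit(redirect_uri).scheme.lower() != "https":
        if implicit:
            errors.append("Implicit Flow requires an https redirect_uri")
        else:
            warnings.append("https is recommended for Authorization Code Flow")

    # OpenID Connect requests must carry the openid scope.
    if "openid" not in scopes:
        errors.append("scope must include openid")

    # The authorization screen is skipped only when every requested scope
    # is among the default scopes.
    consent_skipped = scopes <= set(default_scopes)
    return errors, warnings, consent_skipped


if __name__ == "__main__":
    samples = [  # constructed requests
        {"response_type": "code", "redirect_uri": "https://rp.example.jp/callback", "scope": "openid profile"},
        {"response_type": "id_token token", "redirect_uri": "http://localhost:8080/callback", "scope": "openid iid_roles"},
        {"response_type": "code", "redirect_uri": "https://rp.example.jp/callback/", "scope": "openid email"},
    ]
    for req in samples:
        print(req["response_type"], req["redirect_uri"], preflight(req, REGISTERED_REDIRECTS, DEFAULT_SCOPES))
```

Running the same check over an RP's planned requests before rollout shows which of them will reach the authorization screen and which redirect URLs still need to be registered or moved to https.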

Provided Attribute Information

The following table describes the attribute information provided by this service.

| Field name | Example | Description | Scope |
|---|---|---|---|
| sub | 52dfd81... | Unique user identifier | openid |
| name | IIJ Taro | Name | profile |
| family_name | IIJ | Last name | profile |
| given_name | Taro | First name | profile |
| family_name_kana | アイアイジェイ | Last name in katakana | profile |
| given_name_kana | タロウ | First name in katakana | profile |
| preferred_username | iij-taro@example.jp | User ID | profile |
| locale | ja-JP | Language | profile |
| updated_at | 1459436400 | Unix Epoch value that represents the time of the last attribute information update | profile |
| email | iij-taro@example.jp | Notification email address | email |
| config_code | asiida-000000000000A | Config code for this service | iid_contract |
| service_code | iid00000000 | Service code for this service | iid_contract |
| iid_roles | ["admin"] | User privileges | iid_roles |