Configure MSR for OIDC authentication#
After you register the application in Microsoft Entra ID, configure OIDC in MSR.
- Navigate to Administration → Configuration → Authentication.
- Set the Auth Mode to OIDC.
-
Configure the following settings:
- OIDC Provider Name: Specify the name that will display on the login page button.
-
OIDC Endpoint:
- In the Entra ID application, navigate to the Overview page.
- Open the application endpoints and locate the OpenID Connect metadata document value. Open this URL in a web browser.
- Copy the
issuervalue from the JSON document and use it as the endpoint URL.
-
OIDC Client ID: Enter the Application (client) ID from the Entra ID application registration.
-
OIDC Client Secret: Enter the Value of the client secret from the Entra ID application.
Note
The client secret value is displayed only at creation time, thus if the value is hidden, delete the secret and create a new one.
-
OIDC Scope: Set this to
openid,profile,email,offline_access.
Ensure these scopes are enabled in the API permissions for the application.
-
Save the configuration and click Test OIDC Server to verify connectivity.
Test OIDC Login#
After you complete the OIDC configuration in Entra ID and MSR, test the OIDC login.
- Log out of the current MSR session.
- On the login page, select the button for the OIDC provider.
- Log in with a user from the external tenant.