Setting up authentication with Microsoft Entra ID
Last updated
Was this helpful?
Last updated
Was this helpful?
The following guide will assist you in configuring your application to use Microsoft Entra for authentication.
Follow the steps in to create the app registration for Access Manager. Take note of the tenant ID, client ID and secret created here as they will be used in the next step.
Ensure that the appropriate API permissions have been granted for the User authentication using OpenID Connect scenario.
Open the Lithnet Access Manager Service Configuration Tool
Select the App configuration\User Authentication page
Select Open ID Connect as the authentication provider
Use the application id obtained from the Entra ID setup process as the client ID value
Specify the client secret obtained from the Entra ID setup process.
Set the authority as appropriate for your tenant (e.g. for lithnet.io it would be https://login.microsoftonline.com/lithnet.io)
For further security, you can set up a conditional access policy to require multifactor authentication for the app
AMS maps upn, sid and onprem_sid claims automatically if they are found in the response from the IDP.
If you need to use an attribute other than those, you can configure a custom claim mapping using
