Setting up authentication with Microsoft Entra ID
The following guide will assist you in configuring your application to use Microsoft Entra for authentication.
Part 1: Configure a new application in Entra ID
Follow the steps in Creating an Entra app for Access Manager to create the app registration for Access Manager. Take note of the tenant ID, client ID and secret created here as they will be used in the next step.
Ensure that the appropriate API permissions have been granted for the User authentication using OpenID Connect scenario.
Part 2: Configure Lithnet Access Manager
1. Open the Lithnet Access Manager Service Configuration Tool.
2. Select the App configuration\User Authentication page.
3. Select Open ID Connect as the authentication provider.
4. Use the application id obtained from the Entra ID setup process as the client ID value.
5. Specify the client secret obtained from the Entra ID setup process.
6. Set the authority as appropriate for your tenant (e.g. for lithnet.io it would be https://login.microsoftonline.com/lithnet.io).

Part 3: Enable multifactor authentication
For further security, you can set up a conditional access policy to require multifactor authentication for the app.
Alternative claim mapping
AMS maps upn, sid and onprem_sid claims automatically if they are found in the response from the IDP.
If you need to use an attribute other than those, you can configure a custom claim mapping using PowerShell.
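To decide whether a custom mapping is needed, it helps to check which of the automatically mapped claims the IDP actually issues. The following PowerShell is an added example, not part of Lithnet Access Manager: the function names and the sample token are constructed, and it assumes the claims are carried in the ID token payload.

```powershell
# Added example, not Lithnet code. Claim names (upn, sid, onprem_sid) come from this page.
# It only inspects the payload for troubleshooting; it does not validate the signature.

function ConvertFrom-Base64Url {
    param([Parameter(Mandatory)][string]$Value)
    # JWT segments use the URL-safe alphabet with padding stripped; restore both.
    $s = $Value.Replace('-', '+').Replace('_', '/')
    switch ($s.Length % 4) {
        1 { throw 'Invalid base64url length' }
        2 { $s += '==' }
        3 { $s += '=' }
    }
    [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($s))
}

function Get-AutoMappedClaim {
    param(
        [Parameter(Mandatory)][string]$IdToken,
        [string[]]$ClaimNames = @('upn', 'sid', 'onprem_sid')
    )
    $parts = $IdToken.Split('.')
    if ($parts.Count -ne 3) { throw 'Expected header.payload.signature' }
    $payload = ConvertFrom-Base64Url $parts[1] | ConvertFrom-Json
    foreach ($name in $ClaimNames) {
        $prop = $payload.PSObject.Properties[$name]
        # A claim that is present but empty is reported as missing.
        $hasValue = ($null -ne $prop) -and -not [string]::IsNullOrWhiteSpace([string]$prop.Value)
        [pscustomobject]@{
            Claim   = $name
            Present = $hasValue
            Value   = if ($hasValue) { $prop.Value } else { $null }
        }
    }
}

# Constructed sample token: carries upn only, with a placeholder signature.
$toB64Url = {
    param($Text)
    [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($Text)).
        TrimEnd('=').Replace('+', '-').Replace('/', '_')
}
$header  = '{"alg":"RS256","typ":"JWT"}'
$payload = @{ sub = 'constructed-subject'; upn = 'alice@example.com' } | ConvertTo-Json -Compress
$token   = '{0}.{1}.{2}' -f (& $toB64Url $header), (& $toB64Url $payload), 'constructed-signature'

Get-AutoMappedClaim -IdToken $token | Format-Table -AutoSize
```

If none of the three claims is reported as present for a real sign-in, that is the case where the custom claim mapping described above applies.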