You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: api-reference/beta/resources/openidconnectidentityprovider.md
+5-5Lines changed: 5 additions & 5 deletions
Original file line number
Diff line number
Diff line change
@@ -32,15 +32,15 @@ For the list of API operations for managing OpenID Connect identity providers in
32
32
|Property|Type|Description|
33
33
|:---------------|:--------|:----------|
34
34
|clientId|String|The client identifier for the application obtained when registering the application with the identity provider. Required.|
35
-
|clientSecret|String|The client secret for the application obtained when registering the application with the identity provider. The clientSecret has a dependency on **responseType**. <ul><li>When **responseType** is `code`, a secret is required for the auth code exchange.</li><li>When **responseType** is `id_token` the secret is not required because there is no code exchange. The id_token is returned directly from the authorization response.</li></ul> This is write-only. A read operation returns `****`.|
35
+
|clientSecret|String|The client secret for the application obtained when registering the application with the identity provider. The clientSecret has a dependency on **responseType**. <ul><li>When **responseType** is `code`, a secret is required for the auth code exchange.</li><li>When **responseType** is `id_token`, the secret isn't required because there's no code exchange. The id_token is returned directly from the authorization response.</li></ul> This is write-only. A read operation returns `****`.|
36
36
|id|String|The identifier of the identity provider.Required. Inherited from [identityProviderBase](../resources/identityproviderbase.md). Read-only.|
37
37
|displayName|String|The display name of the identity provider. |
38
38
|claimsMapping|[claimsMapping](claimsmapping.md)|After the OIDC provider sends an ID token back to Microsoft Entra ID, Microsoft Entra ID needs to be able to map the claims from the received token to the claims that Microsoft Entra ID recognizes and uses. This complex type captures that mapping. Required.|
39
-
|domainHint|String|The domain hint can be used to skip directly to the sign-in page of the specified identity provider, instead of having the user make a selection among the list of available identity providers.|
39
+
|domainHint|String|The domain hint can be used to skip directly to the sign-in page of the specified identity provider instead of having the user make a selection among the list of available identity providers.|
40
40
|metadataUrl|String|The URL for the metadata document of the OpenID Connect identity provider. Every OpenID Connect identity provider describes a metadata document that contains most of the information required to perform sign-in. This includes information such as the URLs to use and the location of the service's public signing keys. The OpenID Connect metadata document is always located at an endpoint that ends in `.well-known/openid-configuration`. Provide the metadata URL for the OpenID Connect identity provider you add. Read-only. Required.|
41
41
|responseMode|[openIdConnectResponseMode](#openidconnectresponsemode-values)|The response mode defines the method used to send data back from the custom identity provider to Azure AD B2C. Possible values: `form_post`, `query`. Required.|
42
-
|responseType|[openIdConnectResponseTypes](#openidconnectresponsetypes-values)|The response type describes the type of information sent back in the initial call to the authorization_endpoint of the custom identity provider. Possible values: `code` , `id_token` , `token`. Required.|
43
-
|scope|String|Scope defines the information and permissions you are looking to gather from your custom identity provider. OpenID Connect requests must contain the openid scope value in order to receive the ID token from the identity provider. Without the ID token, users are not able to sign in to Azure AD B2C using the custom identity provider. Other scopes can be appended, separated by a space. For more details about the scope limitations, see [RFC6749 Section 3.3](https://tools.ietf.org/html/rfc6749#section-3.3). Required.|
42
+
|responseType|[openIdConnectResponseTypes](#openidconnectresponsetypes-values)|The response type describes the type of information sent back in the initial call to the authorization_endpoint of the custom identity provider. Possible values: `code` , `id_token` , `token`. Required.|
43
+
|scope|String|Scope defines the information and permissions you're looking to gather from your custom identity provider. OpenID Connect requests must contain the openid scope value in order to receive the ID token from the identity provider. Without the ID token, users aren't able to sign in to Azure AD B2C using the custom identity provider. Other scopes can be appended, separated by a space. For more information about the scope limitations, see [RFC6749 Section 3.3](https://tools.ietf.org/html/rfc6749#section-3.3). Required.|
44
44
45
45
### openIdConnectResponseMode values
46
46
|Member|Description|
@@ -54,7 +54,7 @@ For the list of API operations for managing OpenID Connect identity providers in
54
54
:--------|:----------|
55
55
|code|As per the authorization code flow, a code is returned back to Azure AD B2C. Azure AD B2C proceeds to call the token_endpoint to exchange the code for the token.|
56
56
|id_token|An ID token is returned back to Azure AD B2C from the custom identity provider.|
57
-
|token|An access token is returned back to Azure AD B2C from the custom identity provider. (This value is not supported by Azure AD B2C at the moment)|
57
+
|token|An access token is returned back to Azure AD B2C from the custom identity provider. (This value isn't supported by Azure AD B2C at the moment)|
0 commit comments