Microsoft IdP Adapter settings reference
Field descriptions for the Microsoft IdP Adapter configuration screen.
| Field Name | Description |
|---|---|
Supported Account Types |
The type of accounts that users can sign in with. The single tenant and multitenant options support organizational accounts from a school or work directory. Personal accounts are not associated with an organization. Do one of the following:
The default selection is Personal accounts only. |
Single Tenant ID |
If you selected Single tenant for Support Account Types, enter the Directory (tenant) ID that you noted in Registering PingFederate as an application in Azure. Otherwise, leave this field blank. This field is blank by default. |
Client ID |
The Application (client) ID that you noted in Registering PingFederate as an application in Azure. |
Client Secret |
The client secret Value that you noted in Registering PingFederate as an application in Azure. |
Authorization Callback Endpoint |
The PingFederate endpoint that Microsoft uses to respond to authorization requests. If you set a custom endpoint in the Redirect URI field in Registering PingFederate as an application in Azure, change this field to match. The default value is:
|
Error Redirect URL |
The URL that PingFederate redirects the user to when the adapter encounters an error. A blank value shows the default error page. |
Unauthorized Redirect URL |
The URL that PingFederate redirects to when the user does not authorize Microsoft to share their information. A blank value shows the default error page. |
| Field Name | Description | ||
|---|---|---|---|
Include Login Hint |
If selected, the incoming User Id value (if provided) is sent as a |
||
Include Prompt |
If selected, PingFederate automatically maps and sends the standard PingFederate-supported OIDC prompt parameter as the
To send other values in the authorization request, use the Additional Parameters table and provide the value in an incoming chained attribute. Learn more in step 3 of Configuring an adapter instance. |
||
Microsoft Login Base URL |
The base URL used by Microsoft for any authentication calls. The default value is:
|
||
Microsoft Authorization Endpoint |
The endpoint used to request an authorization code from Microsoft. The default value is:
|
||
Microsoft Token Endpoint |
The endpoint used by Microsoft to retrieve an access token. The default value is:
|
||
Microsoft Logout Endpoint |
The logout endpoint used by Microsoft to end the user’s session. The default value is:
|
||
Microsoft User Info URL |
The URL used to retrieve Microsoft user data. The default value is:
|
||
Scopes |
Comma-separated scopes to request from Microsoft. The default value is: openid |
||
Microsoft Sign-on Presentation |
Determines how the user is directed to Microsoft for authentication. Automatic redirects are blocked by some browsers. If you select Pop-up and are not using PingFederate in authentication API mode, the adapter presents a template file. Options include:
|
||
Microsoft Pop-up Template |
The template file that presents the Microsoft sign-on form. Applies only when Microsoft Sign-on Presentation is set to Pop-up window. The default value is:
|
||
Microsoft Post Auth Template |
The template file that the adapter presents after the user signs on. Applies only when Microsoft Sign-on Presentation is set to Pop-up window. The default value is:
|
||
Microsoft Messages File |
The language-pack file associated with Microsoft Pop-up Template. The default value is:
|
||
Retry Request |
Retry request if API fails with error codes configured. Options include:
|
||
Maximum Retries Limit |
Determines how many times PingFederate will retry a request. The default value is |
||
Retry Error Codes |
Determines which response codes are considered failures. The default value is |
||
API Request Timeout |
The amount of time in milliseconds that PingFederate allows when establishing a connection with Azure or waiting for a response to a request. A value of 0 disables the timeout. The default value is |
||
Proxy Settings |
Defines proxy settings for outbound HTTP requests. The default value is System Defaults. |
||
Custom Proxy Host |
The proxy server host name to use when Proxy Settings is set to Custom. This field is blank by default. |
||
Custom Proxy Port |
The proxy server port to use when Proxy Settings is set to Custom. This field is blank by default. |