All screenshots and configuration details in this section are from AD FS Management version 10.0.0.0 installed on Windows Server 2019.
Configure an OpenID Connect client.
- Open the AD FS Management application.
- Right-click Application Groups, and then select the Add Application Group option from the menu.
- On the Add Application Group Wizard screen, provide a Name and Description for the OpenID Connect client, and then click Native application accessing a web API.
- Click Next.
- On the Native Application screen, a Client Identifier is generated automatically. Copy this value and store it separately, as it is required when configuring OpenID Connect in the EAM application. On the same page, add a Redirect URI. This is the URI to which the authentication request is redirected, along with an authorization code, in the authorization code grant flow of OpenID Connect.
  The Redirect URI referenced in the screenshot is only for demonstration and should not be used in the actual setup of the OIDC client.
- On the Configure Web API screen, copy the Client Identifier generated in the previous step and add it as the Identifier.
- On the next screen, select the default access policy, i.e., Permit Everyone.
- On the Configure Application Permissions screen, select allatclaims and openid in Permitted scopes.
- Click Next to navigate to the Summary screen.
- Click Next to complete the wizard.
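
The same configuration can be scripted with the AD FS PowerShell module and then read back to confirm what was registered. This is an added example, not part of the original procedure; the group name and redirect URI are placeholders, and the client identifier is generated in the script instead of by the wizard.

```powershell
# Added example: scripted equivalent of the wizard steps above, plus a read-back check.
# Run in an elevated PowerShell session on the AD FS server.
Import-Module ADFS

# Assumptions (placeholders, not values from this page):
$groupName   = 'EAM OIDC Client'                        # hypothetical application group name
$redirectUri = 'https://eam.example.com/oidc/callback'  # placeholder; use the EAM callback URI
$clientId    = [guid]::NewGuid().ToString()             # the wizard generates this value for you

# Add Application Group Wizard: name and description
New-AdfsApplicationGroup -Name $groupName `
    -ApplicationGroupIdentifier $groupName `
    -Description 'OpenID Connect client for the EAM application'

# Native Application screen: client identifier and redirect URI
Add-AdfsNativeClientApplication -ApplicationGroupIdentifier $groupName `
    -Name "$groupName - Native application" `
    -Identifier $clientId `
    -RedirectUri $redirectUri

# Configure Web API screen: the client identifier is reused as the Web API identifier,
# with the default access control policy
Add-AdfsWebApiApplication -ApplicationGroupIdentifier $groupName `
    -Name "$groupName - Web API" `
    -Identifier $clientId `
    -AccessControlPolicyName 'Permit everyone'

# Configure Application Permissions screen: permitted scopes
Grant-AdfsApplicationPermission -ClientRoleIdentifier $clientId `
    -ServerRoleIdentifier $clientId `
    -ScopeNames 'allatclaims', 'openid'

# Read back what was registered and fail loudly if it differs from what was intended
$native = Get-AdfsNativeClientApplication -Identifier $clientId
$perm   = Get-AdfsApplicationPermission |
    Where-Object { $_.ClientRoleIdentifier -eq $clientId }

if ($native.RedirectUri -notcontains $redirectUri) {
    throw "Redirect URI mismatch: $($native.RedirectUri -join ', ')"
}
$unexpected = $perm.ScopeNames | Where-Object { $_ -notin 'allatclaims', 'openid' }
if ($unexpected) {
    throw "Unexpected scopes granted: $($unexpected -join ', ')"
}

# This is the value to enter in the EAM application's OpenID Connect settings
"Client Identifier: $clientId"
```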