Configuring Azure AD for use with the Symbio AuthService
Please follow the instructions in Configuring Azure AD for use with Symbio Apps but adjust the Redirect URI as follows:
Once registered, adjust the Front-channel logout URL as follows:
Enable the issuing of Access tokens and ID tokens.
The following claims are required and must be sent by the external IdP.
- email (contains the email address of the user)
- given_name (contains the given, e.g. first name of the user)
- family_name (contains the family, e.g. last name of the user)
If the external IdP uses different claim types, make sure to provide a set of claim types (names) that contain the required data. Deviating claim types can then be mapped to the corresponding required claim types in the Symbio AuthService.