You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/app-service/configure-authentication-provider-google.md
+4-2Lines changed: 4 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,7 +3,7 @@ title: Configure Google Authentication
3
3
description: Learn how to configure Google authentication as an identity provider for your App Service or Azure Functions app.
4
4
ms.assetid: 2b2f9abf-9120-4aac-ac5b-4a268d9b6e2b
5
5
ms.topic: how-to
6
-
ms.date: 07/08/2025
6
+
ms.date: 07/10/2025
7
7
ms.custom: fasttrack-edit, AppServiceIdentity
8
8
author: cephalin
9
9
ms.author: cephalin
@@ -37,7 +37,9 @@ To complete the procedure, you must have a Google account that has a verified em
37
37
38
38
1. Enter the **App ID** and **App Secret** values you obtained previously.
39
39
40
-
1. If this is the first identity provider for the application, the **App Service authentication settings** section appears with settings such as how your application responds to unauthenticated requests. If you already configured an identity provider for the app, this section doesn't appear. The default selections redirect all requests to sign in with the new provider. You can customize this behavior now or later.
40
+
1. If this is the first identity provider for the application, the **App Service authentication settings** section appears with settings such as how your application responds to unauthenticated requests. The default selections redirect all requests to sign in with the new provider.
41
+
42
+
If you already configured an identity provider for the app, this section doesn't appear. You can customize the settings later if necessary.
Copy file name to clipboardExpand all lines: articles/app-service/configure-authentication-provider-openid-connect.md
+10-9Lines changed: 10 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,7 +2,7 @@
2
2
title: Configure an OpenID Connect Provider
3
3
description: Learn how to configure an OpenID Connect provider as an identity provider for your App Service or Azure Functions app.
4
4
ms.topic: how-to
5
-
ms.date: 07/08/2025
5
+
ms.date: 07/10/2025
6
6
ms.reviewer: mahender
7
7
ms.custom: AppServiceIdentity
8
8
author: cephalin
@@ -27,12 +27,9 @@ Your provider requires you to register your application by specifying a redirect
27
27
28
28
When you register your app, you need to collect a *client ID* and a *client secret* for your application. Make a note of these values to use in the Azure app configuration.
29
29
30
-
Your app needs to provide the client secret if you want users to acquire access tokens using the interactive authorization code flow. If you don't want to acquire access tokens, you don't need to use a secret.
31
-
32
-
> [!IMPORTANT]
33
-
> The client secret value is an important security credential. Don't share this secret with anyone or distribute it within a client application.
34
-
35
-
Each identity provider should provide instructions on how to complete the registration steps. Some providers might require extra steps for their configuration or for using the values that they provide. For example, Apple provides a private key that you use to create a JSON Web Token (JWT), which you enter as the secret in your app configuration. For more information, see [Creating a client secret](https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens).
30
+
> [!NOTE]
31
+
> - The client secret value is an important security credential. Don't share this secret with anyone or distribute it within a client application.
32
+
> - Your app must provide the client secret if you want users to acquire access tokens using the interactive authorization code flow. If you don't want to acquire access tokens, you don't need to use a secret.
36
33
37
34
You also need the provider's OIDC metadata. This metadata is often exposed in a [configuration metadata document](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig) that you can get at the path formed by appending `/.well-known/openid-configuration` to the provider's issuer URL.
38
35
@@ -43,6 +40,8 @@ If you can't access a configuration metadata document, get the following values
43
40
- The [OAuth 2.0 token endpoint](https://tools.ietf.org/html/rfc6749#section-3.2), sometimes shown as `token_endpoint`.
44
41
- The URL of the [OAuth 2.0 JSON Web Key set](https://tools.ietf.org/html/rfc8414#section-2) document, sometimes shown as `jwks_uri`.
45
42
43
+
Each identity provider should provide instructions on how to complete the registration steps. Some providers might require extra steps for their configuration or for using the values that they provide. For example, Apple provides a private key that you use to create a JSON Web Token (JWT), which you enter as the secret in your app configuration. For more information, see [Creating a client secret](https://developer.apple.com/documentation/sign_in_with_apple/generate_and_validate_tokens).
44
+
46
45
## <aname="configure"> </a>Add provider information to your application
47
46
48
47
To configure the OpenID Connect provider in Azure, follow these steps:
@@ -61,11 +60,13 @@ To configure the OpenID Connect provider in Azure, follow these steps:
61
60
62
61
1. Under **App registration**, provide the values you collected earlier for **Client ID** and **Client secret**.
63
62
64
-
1. If this is the first identity provider for the application, the **App Service authentication settings** section appears with settings such as how your application responds to unauthenticated requests. If you already configured an identity provider for the app, this section doesn't appear. The default selections redirect all requests to sign in with the new provider. You can customize this behavior now or later.
63
+
1. If this is the first identity provider for the application, the **App Service authentication settings** section appears with settings such as how your application responds to unauthenticated requests. The default selections redirect all requests to sign in with the new provider.
64
+
65
+
If you already configured an identity provider for the app, this section doesn't appear. You can customize the settings later if necessary.
65
66
66
67
1. Select **Add** to finish setting up the identity provider.
67
68
68
-
On the **Authentication** page, the OIDC provider friendly name appended with **(custom provider)** now appears in the **Identity provider** section. You can edit the settings by selecting the provider's pencil icon under **Edit**.
69
+
On the **Authentication** page, **\<oidc_friendly_name> (custom provider)** now appears in the **Identity provider** section. You can edit the provider's settings by selecting its pencil icon under **Edit**.
69
70
70
71
The **Authentication settings** section shows settings such as how the application responds to unauthenticated requests. You can edit these settings by selecting **Edit** next to **Authentication settings**. To learn more about the options, see [Authentication flow](overview-authentication-authorization.md#authentication-flow).
0 commit comments