Azure AD - j5 - 28.0 - Installation & Upgrade - Hexagon

j5 Installation and Upgrade

Before configuring your Azure AD connection with j5

  • Configure a Mobile and Desktop application that is separate from the Single Page application.

  • Set the custom redirect URL to com.j5.app://oauth_callback.

  • Set the accessTokenAcceptedVersion to 2 in the manifest of the application.

When configuring an M2M OAuth connection:

  • Configure a Web application that supports access tokens. The custom redirect URL needs to be the full j5 URL endpoint (for example, https://clientj5.com).

  • Add a client secret and expose the API to the Web application.

Configure your Azure AD connection with j5

Select Azure AD as your Authorization Provider when you are using it as your identity provider.

Authentication config - AzureAD

  • Authorization Provider - Select Azure AD

  • Authorization Server ID - Enter the ID for the authorization server.

  • Custom claim for j5 username - Enter the custom claim key used to retrieve the j5 username from the OAuth bearer token.

  • Custom scopes for oAuth - Enter a comma-separated list of the custom scopes used for OAuth authentication.

  • j5 Client ID - Enter the ID for the configured application on the authorization server. This is the value configured in Azure AD.

  • Mapping of M2M applications and j5 users - List the client ID, corresponding auth server, audience, and j5 user mappings in a semicolon-separated list. This should be formatted as: "<client id 1>,<tenant id 1>,<client id 1>,<j5 user 1>;<client id 2>,<tenant id 2>,<client id 2>,<j5 user 2>"

  • OpenID Connect metadata document URL - Enter the URL for the authorization server's OpenID configuration endpoint.

  • Use access token as oAuth bearer token - Enter the access token details in this field when Azure has been configured to return the j5 username in response to an access token instead of an ID token. j5 uses an ID token to retrieve the bearer token from your IdP when this field is not configured.

The bearer token needs to meet certain requirements. Refer to Bearer token requirements for more information.
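
A pre-flight check for the "Mapping of M2M applications and j5 users" value, added here as an example (it is not j5 or Hexagon code): it parses the semicolon-separated list into the four fields described above and reports malformed entries and clients that appear more than once. It assumes client and tenant IDs are entered as GUIDs; the function name, field names and sample values are constructed for illustration.

```python
import re

# Assumption: Azure AD client (application) and tenant IDs are entered as GUIDs.
GUID = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")
FIELDS = ("client_id", "tenant_id", "audience", "j5_user")  # order used on this page


def parse_m2m_mapping(value):
    """Return (entries, problems) for a j5 M2M mapping string."""
    entries, problems, seen = [], [], {}
    for n, raw in enumerate(value.strip().strip('"').split(";"), start=1):
        if not raw.strip():
            problems.append(f"entry {n}: empty (stray semicolon)")
            continue
        parts = [p.strip() for p in raw.split(",")]
        if len(parts) != len(FIELDS):
            problems.append(f"entry {n}: expected 4 fields, got {len(parts)}")
            continue
        entry = dict(zip(FIELDS, parts))
        empty = [k for k, v in entry.items() if not v]
        if empty:
            problems.append(f"entry {n}: empty field(s): {', '.join(empty)}")
            continue
        for key in ("client_id", "tenant_id"):
            if not GUID.fullmatch(entry[key]):
                problems.append(f"entry {n}: {key} is not a GUID")
        # The same client listed twice would map one M2M application to
        # more than one j5 user, so report it instead of picking one.
        ident = (entry["client_id"].lower(), entry["tenant_id"].lower())
        if ident in seen:
            problems.append(f"entry {n}: duplicates client of entry {seen[ident]}")
        else:
            seen[ident] = n
        entries.append(entry)
    return entries, problems


# Constructed sample values; none of these IDs or user names are real.
TENANT = "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"
APP1 = "11111111-1111-1111-1111-111111111111"
APP2 = "22222222-2222-2222-2222-222222222222"
SAMPLE = f"{APP1},{TENANT},{APP1},svc_historian;{APP2},{TENANT},{APP2},svc_reports"

if __name__ == "__main__":
    parsed, issues = parse_m2m_mapping(SAMPLE)
    for e in parsed:
        print(e["client_id"], "->", e["j5_user"])
    print("problems:", issues or "none")
```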