Steps to Integrate OIDC

To integrate with AppViewX – Azure using OIDC:
  1. From the Microsoft Azure Home > Default Directory Overview page, create an app under Enterprise Application within the Azure Active Directory (AAD).
  2. Click Enterprise applications.
  3. Click New application.
  4. Click Create your own application.
  5. In the Create your own application slider screen, perform the following:
    1. Enter a name in the What’s the name of your app? field.
    2. Select the radio button Integrate any other application you don’t find in the gallery.
    3. Click Create.
    The application is created successfully and its details are displayed. Verify the details.
  6. Navigate to Overview, and then click App Registration.
  7. Select the App created.
  8. Set up the Redirect URI for the web-based application.
  9. Click Redirect URI from the overview page of the App.
  10. Click Add a Platform.
  11. Select the Web platform and copy and paste the links from the AppViewX GUI.
  12. Copy and paste the URLs from the AppViewX GUI as follows:
    1. Copy the Callback URL from the AppViewX GUI and paste it into the first field on the right.
    2. Copy the SLO URL from the AppViewX GUI and paste it into the second field on the right.
    3. Select the ID Tokens check box.
       Note: Applicable for implicit and hybrid flows.
    4. Click Configure.
  13. Verify the details of the Redirect URL.
  14. Click Token configuration.
  15. In the Token configuration page, click Add optional claim.
    Perform the following on the right slider screen:
    1. In the Token type, select the ID radio button.
    2. Select the specified claims from the available list.
    3. Click Add.
  16. Click Add group claims and perform the following on the right slider page.
    1. Select the Security groups checkbox.
    2. From the ID section, select the radio button for AccountName.
  17. Copy and paste the Claims Mapping from Columns Claim in AppViewX.
  18. To create API permissions for claim mapping, click API Permissions.
  19. To configure the API permissions from Microsoft Graph:
    1. Click Add a permission.
    2. Select Microsoft Graph.
    3. Select Delegated permissions.
    4. Select the following check boxes in the Select permissions section:
      • email
      • openid
      • profile
  20. To create a client secret for the App, click Client credentials.
    • Click New client secret, copy the secret, and save it securely.
  21. To copy the Endpoint Details from the App Overview page, click Endpoints.
    • Copy the URL from the OpenID Connect metadata document field. This is the Discovery Endpoint (WellKnown URL).
  22. Configure the Client ID, Secret Key, and OpenID Wellknown URL in AppViewX GUI.
  23. Create the security group within Azure, and add it in AppViewX under Accounts > User groups.
  24. Proceed with user authentication, ensuring alignment of AppViewX roles with the designated user groups.
    Note: Use the security groups with source as Windows Server AD.
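
A pre-flight check for the values gathered in steps 16 to 23, as an added example that is not part of the AppViewX or Microsoft documentation: it compares a saved copy of the discovery document with the payload of an ID token from a test login and reports what would stop the group mapping from working. The function names, tenant ID, client ID and the group name AVX-Admins are constructed placeholders, and the payload is decoded for inspection only, without signature verification.

```python
import base64
import json

REQUIRED_SCOPES = {"openid", "email", "profile"}  # permissions selected in step 19

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()
def make_unsigned_token(claims):
    """Constructed, unsigned JWT used only as sample input for this demo."""
    return ".".join([b64url(b'{"alg":"none"}'), b64url(json.dumps(claims).encode()), ""])

def decode_payload(id_token):
    """Decode the payload for inspection; the signature is NOT verified here."""
    part = id_token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(part + "=" * (-len(part) % 4)))

def check_integration(discovery, id_token, client_id, mapped_groups):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    for key in ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri"):
        if not str(discovery.get(key, "")).startswith("https://"):
            findings.append(f"discovery: {key} missing or not https")
    missing = REQUIRED_SCOPES - set(discovery.get("scopes_supported", []))
    if missing:
        findings.append(f"discovery: unsupported scopes {sorted(missing)}")
    claims = decode_payload(id_token)
    if claims.get("iss") != discovery.get("issuer"):
        findings.append("token: iss differs from discovery issuer")
    aud = claims.get("aud")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        findings.append("token: aud does not contain the client ID")
    groups = claims.get("groups") or []
    if "_claim_names" in claims or claims.get("hasgroups"):
        # Overage: too many memberships, so the token points elsewhere for groups.
        findings.append("token: group overage, names are not in the token")
    elif not groups:
        findings.append("token: no groups claim (revisit step 16)")
    elif not set(groups) & set(mapped_groups):
        findings.append("token: no group matches an AppViewX user group")
    return findings

# Constructed sample values: tenant ID, client ID and group name are placeholders.
BASE = "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000"
CLIENT_ID = "11111111-1111-1111-1111-111111111111"
SAMPLE_DISCOVERY = {"issuer": BASE + "/v2.0", "jwks_uri": BASE + "/discovery/v2.0/keys",
                    "authorization_endpoint": BASE + "/oauth2/v2.0/authorize",
                    "token_endpoint": BASE + "/oauth2/v2.0/token",
                    "scopes_supported": ["openid", "profile", "email", "offline_access"]}
SAMPLE_TOKEN = make_unsigned_token({"iss": BASE + "/v2.0", "aud": CLIENT_ID, "groups": ["AVX-Admins"]})
if __name__ == "__main__":
    print(check_integration(SAMPLE_DISCOVERY, SAMPLE_TOKEN, CLIENT_ID, ["AVX-Admins"]) or "all checks passed")
```

An empty result only means the configuration is consistent; the application receiving the token must still verify its signature against the keys published at jwks_uri.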