Microsoft OpenID Connect as public without tenant connection

Related products: Indicium Service Tier

We use Microsoft  OpenID connect with and works fine, with one “but”….. it is not possible to create Indicium/IAM logins for Microsoft Accounts without adding them into our own Microsoft 365 tenant? Like you do with Google OpenID connect?

Power users can create IAM users with for example a hotmail or outlook.com email addresses. When these users login with Microsoft Open ID connect on our Indicium login is possible and get this “error”

When we create Azure AD guest users for these accounts to login is possible. But we do not want use our tenant for IAM app logins. Technically it’s possible when you use “COMMON” , see: Microsoft identity platform en OpenID Verbinding maken protocol - Microsoft identity platform | Microsoft Docs

Hi @Jaap van Beusekom 

Since you haven't received a response yet from Thinkwise: I have had earlier correspondence with Thinkwise, when we did some testing around the ‘organizations’ scope. But they then told us that currently the only supported OpenID integration for Microsoft is the Azure AD tenant level. I understood that the way Microsoft handles the different authentication scopes is somewhat hard to support in Indicium.

Still hope they will add this feature in the future though, so happy to vote for an Idea might you raise one!


Hi @Arie V 

I spoke with @Vincent Doppenberg months ago and he understands the change (parameter). I think it’s  not a technical more an priority issue. I really don’t understand ThinkWise made OpenID Connect and restrict  it by design to its most restricted method. Not really a common Open ID connect  ;-)

Microsoft identity platform and OpenID Connect protocol - Microsoft identity platform | Microsoft Docs


 


Updated idea statusNewOpen

Hi Jaap,

I have converted the topic to an Idea as this is currently not possible with Indicium. It's a good idea nevertheless and this way we can see how many members are wishing for this too to be part of the platform :wink:


Updated idea statusOpenWorking on it!