EntraAD OpenID authentication example configuration

franciscol · December 3, 2024, 11:47pm

Hi, I’m reading this guide:
OpenID Authentication with Microsoft Entra ID (XWiki.org)

And the guide is not quite consistent.
My main issue is this that the section:

#-# Username will be generated based on UPN of the user. It will be converted to lowercase and removed all dots and other symbols
oidc.user.nameFormater=${oidc.idtoken.upn._clean._lowerCase}
oidc.user.subjectFormater=${oidc.idtoken.upn}
oidc.user.preferredUsername:${oidc.idtoken.upn}
oidc.user.mail:${oidc.idtoken.upn}

Has a different way to do the mail and the name, one uses “=” and the other uses “:”, also there’s no much info about the “oidc.idtoken.upn” claim or what the “${}” is or where does it come from or how it’s used.

Are there any guides I’m missing?

tmortagne · December 4, 2024, 8:04am

I cannot really answer most of that since I don’t know anything about Microsoft Entra ID, but for the ${} syntax, you might want to look at the reference documentation on https://extensions.xwiki.org/xwiki/bin/view/Extension/OpenID%20Connect/OpenID%20Connect%20Authenticator/#Hxwiki.properties.

franciscol · December 4, 2024, 11:59am

Awesome, thanks Tom.