OAuth 2.0 Configuration Example

This section explains how to configure OAuth 2.0 providers for Microsoft and Google, with reference examples for each.

Microsoft

Provider information

Parameter	Example
Client ID	11de338f-3443-4c96-8fa5-81e5c682af10 Specifies the application’s unique identifier. Find it on the Overview page in Azure.
Client Secret	(hidden for security; enter yours here) Provides secure client authentication. Create under Certificates & secrets.
Discovery Endpoint	https://login.microsoftonline.com/6fe2c527-u776-4v20-kqq8-a63670f1043r//v2.0/.well-known/openid-configuration Points to Azure OpenID Connect metadata. Find under Endpoints in Overview.
Authorization Endpoint	https://login.microsoftonline.com/6fe2c527-f885-4a20-aeb8-b69640f1056b/oauth2/v2.0/authorize Points to Azure OpenID Connect metadata. Find under Endpoints in Overview.
Token Endpoint	https://login.microsoftonline.com/6fe2c527-f885-4a20-aeb8-b69640f1056b/oauth2/v2.0/token Points to Azure OpenID Connect metadata. Find under Endpoints in Overview.
User Info Endpoint	https://graph.microsoft.com/oidc/userinfo Retrieves authenticated user profiles.
Scopes	openid, email, offline_access Defines access levels and claims included in the authentication process.

Authentication configuration example

Field	Example
Activate	Enables
Description	Sign In With Azure[OAuth]
Client ID	11de338f-3443-4c96-8fa5-81e5c682af10
Client Secret	(hidden for security; enter yours here)
Discovery Endpoint	https://login.microsoftonline.com/6fe2c527-f885-4a20-aeb8-b6964f01056b/v2.0/.well-known/openid-configuration
Authorization Endpoint	https://login.microsoftonline.com/6fe2c527-f885-4a20-aeb8-b6964f01056b/oauth2/v2.0/authorize
Token Endpoint	https://login.microsoftonline.com/6fe2c527-f885-4a20-aeb8-b6964f01056b/oauth2/v2.0/token
Scope	openid, email, offline_access
Redirect URLs	Web Server: http://[your-webclient-domain]:82/Auth/CallbackFlow Excel Add-in: http://localhost:44390/excelAddin/loginCallback
User Info Endpoint	https://graph.microsoft.com/oidc/userinfo
User Identifier	email
Prompt	select_account
Force reauthentification	Off

Map users example

Field	Example
Username	ADMIN
Name	ADMIN
Email	admin@companyname.com
User Identifier	RD@nectari.com

Google

Provider information

Parameter	Example
Client ID	343312345323453-t3424qpj03iie75appleqasff42ksq322.apps.googleusercontent.com Specifies the application’s unique identifier. Find it on the Overview page in Azure.
Client Secret	(hidden for security; enter yours here) Provides secure client authentication. Create under Certificates & secrets.
Authorization Endpoint	https://accounts.google.com/o/oauth2/v2/auth Generic endpoint. Find in Authenticating the user.
Token Endpoint	https://oauth2.googleapis.com/token Generic endpoint. Find in Authenticating the user.
User Info Endpoint	https://openidconnect.googleapis.com/v1/userinfo Generic endpoint for all registered applications
Scopes	openid, email Defines access levels and claims included in the authentication process.
Discovery Endpoint	https://accounts.google.com/.well-known/openid-configuration Generic endpoint. Find in Discovery document.

Authentication configuration example

Field	Example
Activate	Enables
Description	Sign In With Azure[OAuth]
Client ID	343313245323453-t342qjpj03iie75appleqsaff42ksq322.apps.googleusercontent.com
Client Secret	(hidden for security; enter yours here)
Discovery Endpoint	https://accounts.google.com/.well-known/openid-configuration
Authorization Endpoint	https://accounts.google.com/o/oauth2/v2/auth
Token Endpoint	https://oauth2.googleapis.com/token
Scope	openid, email
Redirect URLs	Web Server: https://webclientserver:443/Auth/CallbackFlow Excel Add-in: http://localhost:44390/excelAddin/loginCallback
User Info Endpoint	https://openidconnect.googleapis.com/v1/userinfo
User Identifier	email_verified

Map users example

Field	Example
Username	ADMIN
Name	ADMIN
Email	admin@companyname.com
User Identifier	RD@nectari.com