by syshum 1783 days ago
>yes, we don't support dynamic registration of apps for eg OIDC/oauth

Which is what I am talking about and A LOT of SaaS vendors do.

They have you go to AzureAD, go to Enterprise Applications, click "New Application" and then choose Application not found in Gallery.

When you do that, I can see no way to use anything other than SAML.

Nothing in the Microsoft Docs, nor anything I can see on any portal, gives the ability for an Enterprise to add their own Customer Open ID Connect application; you have to go through the process to add an App to the Gallery.

1 comments

Thanks for the feedback and experience! This is the difference between provisioning (adding an instance of an app to your tenant) and registration (Azure AD knowing your app exists). The pattern you're talking about is provisioning, and sadly yes, the manual route here is very focused on SAML. But anyone at all can register an app, and then anyone else can provision it into their tenant just by signing into it.

Will check out the docs and see what we can do; it's not good this was hard to learn.