Configuration of Hideez Cloud as an External Authentication Method for Microsoft Entra ID via OIDC
Hideez Identity Cloud - Configuration OIDC for Entra ID as an External Authentication Method
Log in to the Microsoft Entra Admin Center.
Navigate to Identity → Applications → App Registrations.
Click + New registration.
Define a name for the app.
Set Supported account type to:
Accounts in any organizational directory (Any Entra ID directory - Multitenant).
Under the Redirect URI section:
Select Web platform.
Enter: https://idp-<Tenant Name>.us.hideez.io/connect/authorize
Example: https://idp-69d5d91ab8.us.hideez.io/connect/authorize
Click Register.
Go to Hideez Cloud.
Go to Integrations → OIDC.
Click Create App Integration and set the following parameters:
App Type: Entra ID External Authentication Method (EAM).
Fill in the following:
Tenant ID
Application ID
Click Create.
Go back to Microsoft Entra Admin Center.
Navigate to Protection → Authentication Methods → Policies.
Click + Add external method (Preview).
Set the following parameters:
Name: The name users will see during Entra ID login when choosing their authentication method.
Client ID: Paste from the app integration in Hideez Cloud.
Discovery Endpoint: Paste from the app integration in Hideez Cloud.
App ID: Paste from the app integration in Hideez Cloud.
Click Request permission to grant admin consent for the app to read user information.
Click Enable.
Review the Included and Excluded Targets (all users are included by default).
Click Save.
Log in to the Microsoft Entra Admin Center.
Navigate to Protection → Conditional Access → Policies.
Click + New Policy (or edit an existing policy).
Configure the policy:
Specify Users: Define the users who will be affected by this policy.
Target Applications: Specify the applications covered by this policy.
Access Requirements:
Choose Require multifactor authentication so that the EAM (Hideez Cloud) is used as the MFA step.
Click Save.
More information from Microsoft can be found here: Using Custom Control and EAM in parallel.
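A pre-flight check for the values exchanged between Entra ID and Hideez Cloud in the steps above, as an added example that is not Hideez or Microsoft code. It flags a malformed Tenant ID or Application ID, a redirect URI that deviates from the documented pattern, and a Discovery Endpoint that disagrees with the IdP metadata. The function name, the dictionary keys, the sample GUIDs, the discovery document contents and the rule that the redirect URI equals the IdP's `authorization_endpoint` are assumptions made for this example.

```python
import json
import re
from urllib.parse import urlsplit

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
WELL_KNOWN = "/.well-known/openid-configuration"

# Constructed sample values; real ones come from Entra and the Hideez app integration.
SAMPLE_CFG = {
    "tenant_id": "11111111-2222-3333-4444-555555555555",
    "app_id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
    "redirect_uri": "https://idp-69d5d91ab8.us.hideez.io/connect/authorize",
    "discovery_endpoint": "https://idp-69d5d91ab8.us.hideez.io" + WELL_KNOWN,
}
# Constructed discovery document (assumed shape: standard OIDC metadata fields).
SAMPLE_DISCOVERY = json.loads("""{
  "issuer": "https://idp-69d5d91ab8.us.hideez.io",
  "authorization_endpoint": "https://idp-69d5d91ab8.us.hideez.io/connect/authorize"
}""")


def check_eam_values(cfg, discovery_doc):
    """Return a list of problems; an empty list means the values agree."""
    problems = []
    for key in ("tenant_id", "app_id"):
        if not GUID.match(cfg.get(key, "")):
            problems.append(f"{key} is not a GUID")
    redirect = urlsplit(cfg.get("redirect_uri", ""))
    discovery = urlsplit(cfg.get("discovery_endpoint", ""))
    if redirect.scheme != "https" or discovery.scheme != "https":
        problems.append("redirect URI and discovery endpoint must use https")
    # Host pattern taken from the guide: idp-<Tenant Name>.us.hideez.io
    if not re.fullmatch(r"idp-[0-9a-z-]+\.us\.hideez\.io", redirect.hostname or ""):
        problems.append("redirect URI host is not idp-<Tenant Name>.us.hideez.io")
    # A stray trailing character (for example a copied full stop) changes the path.
    if redirect.path != "/connect/authorize" or redirect.query or redirect.fragment:
        problems.append("redirect URI path is not exactly /connect/authorize")
    # OIDC Discovery: the metadata URL is the issuer plus the well-known suffix.
    issuer = discovery_doc.get("issuer", "")
    if cfg.get("discovery_endpoint") != issuer.rstrip("/") + WELL_KNOWN:
        problems.append("discovery endpoint does not match issuer + " + WELL_KNOWN)
    if discovery_doc.get("authorization_endpoint") != cfg.get("redirect_uri"):
        problems.append("redirect URI differs from the IdP authorization_endpoint")
    return problems


if __name__ == "__main__":
    print(check_eam_values(SAMPLE_CFG, SAMPLE_DISCOVERY) or "values are consistent")
```

Run it with the values copied from the Entra app registration and the Hideez app integration before clicking Save on the external method.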