Configuration of Hideez Cloud as an External Authentication Method for Microsoft Entra ID via OIDC
Hideez Identity Cloud - Configuration OIDC for Entra ID as an External Authentication Method
Please note: as an External Authentication Method, Hideez Server cannot be used to log in to Entra ID on its own; it serves only as an additional MFA verification method. This feature requires an Entra ID P1 license.
This guide explains how to integrate Microsoft Entra ID with Hideez Server using OIDC for authentication. It enables seamless external authentication via Entra ID, allowing users to log in securely through a unified platform.
Additional Resources
For further setup guidance, refer to the following articles:
Log in to Microsoft Entra Admin Center.
Navigate to Identity → Applications → App registrations.
Click + New registration.
Define a name for the app.
Set Supported account type to:
Accounts in any organizational directory (Any Entra ID directory - Multitenant).
Under the Redirect URI section:
Select Web platform.
Enter: https://idp-69d5d91ab8.us.hideez.io/connect/authorize
Click Register.
After registering, copy the Application ID from the Essentials section. You'll need it later to configure your EAM in Hideez Cloud.
Log in to Hideez Cloud.
Go to Integrations → OIDC.
Click Create App Integration.
Select App Type: Entra ID External Authentication Method (EAM).
Fill in the following:
Tenant ID
Application ID
Click Create.
Keep the Client ID, Discovery Endpoint, and Entra Application ID ready for the next step.
Go back to Microsoft Entra Admin Center.
Navigate to Protection → Authentication Methods → Policies.
Click + Add external method (Preview).
Set the following parameters:
Name: Enter the name users will see during login.
Client ID: Copy from the app integration in Hideez Cloud.
Discovery Endpoint: Copy from the app integration in Hideez Cloud.
App ID: Copy from the app integration in Hideez Cloud.
Click Request permission to grant admin consent for the app to read user information.
Click Enable.
Review Included and Excluded Targets (all users are included by default).
Click Save.
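Before the Discovery Endpoint is pasted into the Entra external method, the document it returns can be checked against what OpenID Connect Discovery 1.0 requires. The Python below is an added example, not Hideez or Microsoft code; the host idp.example.test and the sample documents are constructed, and comparing authorization_endpoint with the registered redirect URI is an assumption drawn from the redirect URI in this guide ending in /connect/authorize.

```python
from urllib.parse import urlsplit

SUFFIX = "/.well-known/openid-configuration"
# Fields OpenID Connect Discovery 1.0 requires of every provider
# (token_endpoint is omitted: it is optional for implicit-only providers).
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")

def check_discovery(discovery_url, doc, registered_redirect=None):
    """Return a list of problems; an empty list means every check passed."""
    problems = [f"missing field: {k}" for k in REQUIRED if k not in doc]
    if not discovery_url.endswith(SUFFIX):
        problems.append("discovery URL lacks " + SUFFIX)
    elif "issuer" in doc:
        # The issuer inside the document must be the one the URL was built from.
        expected = discovery_url[:-len(SUFFIX)].rstrip("/")
        if str(doc["issuer"]).rstrip("/") != expected:
            problems.append("issuer does not match discovery URL")
    for key in ("issuer", "authorization_endpoint", "jwks_uri"):
        if key in doc:
            parts = urlsplit(str(doc[key]))
            if parts.scheme != "https" or not parts.hostname:
                problems.append(f"{key} is not an https URL")
    if "none" in doc.get("id_token_signing_alg_values_supported", []):
        problems.append("provider advertises unsigned ID tokens (alg none)")
    # Assumption: the redirect URI registered in Entra is the authorize endpoint.
    if registered_redirect and doc.get("authorization_endpoint") != registered_redirect:
        problems.append("authorization_endpoint differs from registered redirect URI")
    return problems

# Constructed sample data (not taken from a real tenant).
URL = "https://idp.example.test" + SUFFIX
GOOD = {
    "issuer": "https://idp.example.test",
    "authorization_endpoint": "https://idp.example.test/connect/authorize",
    "jwks_uri": "https://idp.example.test/.well-known/jwks",
    "response_types_supported": ["id_token"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
}
BAD = dict(GOOD, issuer="https://other.example.test",
           jwks_uri="http://idp.example.test/jwks",
           id_token_signing_alg_values_supported=["RS256", "none"])

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_discovery(URL, doc, GOOD["authorization_endpoint"]) or "ok")
```

To check a live integration, load the JSON returned by the Discovery Endpoint into a dict and pass it in place of the sample document.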