You are currently reviewing an older revision of this page.
Note: If you use Azure AD for your Identity Provider, we have step-by-step instruction for setting up your OIDC connection found here.
Your Token Provider Information
Parameter
Value
Issuer/Authority
https://login.microsoftonline.com/{tenant}/v2.0 [Azure Example]
Discovery URI
/.well-known/openid-configuration
Client ID
Typically, OAuth token Provider will create an OAuth client, will be needed to receive and validate JWT tokens
Client Secret
Typically, OAuth token Provider will create an OAuth secret, will be needed to receive and validate JWT tokens
Scopes
Provide what scope needs to be requested to receive user information
For example, openid profile
OpenID Login Type
Code
Authentication Method
POST (This is the method PingFederate will use to perform client authentication)
Authorization Endpoint
<optional if discovery url provided>
Token Endpoint
UserInfo Endpoint
JWKS Endpoint
Token Attributes
emailAddress
givenName
lastName
country
upn
name
sub
LoginSource
Default/UPN/Name (Required)
AccountID
(Required)
Bentley OIDC / OAuth Service Provider Details
Redirect URI
Bentley will Provide once Token Provider is registered (unique_id is dynamically generated) https://ims.bentley.com/sp/{unique_id}/cb.openid