![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 39%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERR%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra External ID
Managing external identities to enable secure access for partners, customers, and other non-employees
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 92%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hey Rajan Ramasamy! It sounds like you’re having trouble viewing an external OIDC identity provider that you’ve set up for your user flow. Here are some steps you can follow to troubleshoot and ensure that it's properly configured:
- Check User Flow Configuration: Make sure that you have added the external OIDC identity provider to the correct user flow. To do this:
- Go to Microsoft Entra ID > External Identities > User flows.
- Select the user flow that you want to check.
- Under Settings, choose Identity providers and ensure your OIDC identity provider is listed under Other Identity Providers.
- Verify Configuration Parameters: Ensure that your OpenID Connect settings include the correct:
- Well-known endpoint (metadata URI): This should return the necessary configuration for your identity provider.
- Redirect URIs should be populated correctly (check against your application configuration).
- Registered Application: Ensure that your application is properly registered in the external tenant and all required permissions are assigned (e.g.,
Directory.ReadAll,User.Read, etc.). - Client Secret: If you are using a client secret, verify that it hasn’t expired. If needed, generate a new one in your Microsoft Entra application and replace the existing one in your configuration.
- Testing the Setup: After you've confirmed all configurations, attempt to sign in again. Sometimes, it may be necessary to clear browser cache or try signing in from an incognito window.
- Permissions: Ensure that admin consent has been granted for all necessary API permissions.
If you continue to have issues after checking these points, please provide more details:
- What exact steps did you follow when setting up the OIDC provider?
- Are you seeing any error messages, or is the provider simply not appearing?
- Can you confirm that the OIDC identity provider is functioning independently outside of Azure (e.g., through a direct test)?
Hope this helps, and looking forward to your reply with more details!
Relevant Documentation:
- Add OpenID Connect as an external identity provider
- Configure OIDC Identity Providers
- Microsoft Entra External ID Overview
Note: This content was drafted with the help of an AI system.