identityProvider resource type (deprecated)
Namespace: microsoft.graph
Important
APIs under the /beta
version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Caution
This identity provider API is deprecated and will stop returning data after March, 2023. Please use the new identity provider API.
Represents identity providers with External Identities for both Microsoft Entra tenant and an Azure AD B2C tenant.
For Microsoft Entra B2B scenarios in a Microsoft Entra tenant, the identity provider type can be Google or Facebook.
Configuring an identity provider in your Microsoft Entra tenant enables new Microsoft Entra B2B guest scenarios. For example, an organization has resources in Microsoft 365 that need to be shared with a Gmail user. The Gmail user will use their Google account credentials to authenticate and access the documents.
In an Azure AD B2C tenant, the identity provider type can be Microsoft, Google, Facebook, Amazon, LinkedIn, Twitter or any openIdConnectProvider. The following identity providers are in preview: Weibo, QQ, WeChat, and GitHub.
Configuring an identity provider in your Azure AD B2C tenant enables users to sign up and sign in using a social account or a custom OpenID Connect supported provider in an application. For example, an application can use Azure AD B2C to allow users to sign up for the service using a Facebook account or their own custom identity provider that complies with OIDC protocol.
If it is a custom OpenID Connect identity provider with OpenIDConnect
as type
then it is represented using openIdConnectProvider resource type, which will inherit from identityProvider resource type.
Methods
Method | Return Type | Description |
---|---|---|
List | identityProvider collection | Retrieve all identity providers configured in a tenant. |
Create | identityProvider | Create a new identity provider. |
Get | identityProvider | Retrieve properties of an identity provider. |
Update | None | Update an identity provider. |
Delete | None | Delete an identity provider. |
List available provider types | String collection | Retrieve all available identity provider types. |
Properties
Property | Type | Description |
---|---|---|
clientId | String | The client ID for the application obtained when registering the application with the identity provider. This is a required field. Required. Not nullable. |
clientSecret | String | The client secret for the application obtained when registering the application with the identity provider. This is write-only. A read operation will return **** . This is a required field. Required. Not nullable. |
id | String | The ID of the identity provider. |
name | String | The display name of the identity provider. Not nullable. |
type | String | The identity provider type is a required field. For B2B scenario: Google , Facebook . For B2C scenario: Microsoft , Google , Amazon , LinkedIn , Facebook , GitHub , Twitter , Weibo ,QQ , WeChat , OpenIDConnect . Not nullable. |
Where to get the client ID and secret
Each identity provider has a process for creating an app registration. For example, users create an app registration with Facebook at developers.facebook.com. The resulting client ID and client secret can be passed to create identityProvider. Then, each user object in the directory can be federated to any of the tenant's identity providers for authentication. This enables the user to sign in by entering credentials on the identity provider's sign in page. The token from the identity provider is validated by Microsoft Entra ID before the tenant issues a token to the application.
JSON representation
The following is a JSON representation of the resource.
{
"id": "String",
"type": "String",
"name": "String",
"clientId": "String",
"clientSecret": "String"
}
피드백
https://aka.ms/ContentUserFeedback
출시 예정: 2024년 내내 콘텐츠에 대한 피드백 메커니즘으로 GitHub 문제를 단계적으로 폐지하고 이를 새로운 피드백 시스템으로 바꿀 예정입니다. 자세한 내용은 다음을 참조하세요.다음에 대한 사용자 의견 제출 및 보기