Frequently Asked Questions
Azure AD authentication - Using ID Token as Access Token
Posted by Ville Karinen (M-Files) on 09 December 2019 01:46 PM

When configuring federated authentication with Azure AD and OpenID, you need to specify "UseIDTokenAsAccessToken": "true" under the advanced Client settings. However, Azure AD usually resets this back to "false", so the setting does not work.

To force "UseIDTokenAsAccessToken" to keep the "true" value, add the following setting under the Server settings in the configuration JSON on the Advanced tab:

"PreserveClientSpecificSetting_UseIDTokenAsAccessToken": "true"

Please refer to the partial configuration example below:

[
    {
        "configurations": [
            {
                "tmpProtocol": "oauth",
                "oauthSettings": {
                    "client": {
                        "tmpExtras": "yes",
                        "UseIdTokenAsAccessToken": "true",
                        "ClientID": "fe19542e-d352-4499-bd9c-24cd6b2183ca"
                    },
                    "server": {
                        "AccountClaim": "upn",
                        "Audience": "fe19542e-d352-4499-bd9c-24cd6b2183ca",
                        "IdentityProviderMetadata": "https://login.microsoftonline.com/77bg065e-b4b4-4375-84df-gdd3d7b3a937/v2.0/.well-known/openid-configuration",
                        "PreserveClientSpecificSetting_UseIDTokenAsAccessToken": "true"
                    }
                },
                "name": "Azure AD authentication"
            }
        ],
        "tmpScopeName": "*",
        "defaultConfiguration": "Azure AD authentication"
    }
]
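
The following check is an added example, not part of the original article and not M-Files code. It scans a configuration of the shape shown above and reports any entry that enables the ID-token setting on the client without the preserve setting on the server. Assumptions: the helper names (lint, get_ci, is_true) are hypothetical, the sample GUIDs are constructed placeholders, keys are matched case-insensitively because the article spells the client key two ways, and "Audience" is taken to be compared with the token's aud claim, which for an ID token is the client ID.

```python
import json

# Constructed sample: same shape as the article's example, but the server
# block lacks the Preserve... setting. GUIDs are placeholders.
SAMPLE = """
[{"configurations": [{
    "oauthSettings": {
        "client": {"UseIdTokenAsAccessToken": "true",
                   "ClientID": "00000000-0000-0000-0000-000000000001"},
        "server": {"AccountClaim": "upn",
                   "Audience": "00000000-0000-0000-0000-000000000002"}
    },
    "name": "Azure AD authentication"}],
  "tmpScopeName": "*", "defaultConfiguration": "Azure AD authentication"}]
"""

PRESERVE = "PreserveClientSpecificSetting_UseIDTokenAsAccessToken"

def get_ci(mapping, key, default=None):
    """Case-insensitive key lookup (the article spells the key two ways)."""
    for k, v in mapping.items():
        if k.lower() == key.lower():
            return v
    return default

def is_true(value):
    """The configuration stores booleans as the strings "true"/"false"."""
    return str(value).strip().lower() == "true"

def lint(config_text):
    """Return a list of (configuration name, finding) tuples."""
    findings = []
    for scope in json.loads(config_text):
        for cfg in scope.get("configurations", []):
            oauth = cfg.get("oauthSettings", {})
            client, server = oauth.get("client", {}), oauth.get("server", {})
            if not is_true(get_ci(client, "UseIDTokenAsAccessToken")):
                continue  # ID token not used as access token; nothing to check
            name = cfg.get("name", "<unnamed>")
            if not is_true(get_ci(server, PRESERVE)):
                findings.append((name, "missing " + PRESERVE))
            # Assumption: Audience is matched against the token's aud claim,
            # which for an ID token is the client ID.
            if get_ci(server, "Audience") != get_ci(client, "ClientID"):
                findings.append((name, "Audience differs from ClientID"))
    return findings

if __name__ == "__main__":
    for name, finding in lint(SAMPLE):
        print(f"{name}: {finding}")
```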