Enabling single sign-on with OIDC for Microsoft Azure AD

Single sign-on is accomplished by setting up a trust relationship between the Connections server and Microsoft Azure Active Directory using the IBM WebSphere OpenID Connect Relying Party Trust Association Interceptor (OIDC Relying Party TAI).

For background on OIDC (OpenID Connect), you can see these topics in the IBM documentation for WebSphere Application Server:

Enabling this single sign-on in Connections involves completing three major steps:

  • Adding an app for Connections in Azure
  • Updating WebSphere to support single sign-on with Connections
  • Configuring Connections to support Azure

Note: You will use values from the WebSphere TAI when adding the Connections app in Azure, and then use some of the Azure application's values to complete the WebSphere configuration.