Azure AD SSO Step-by-step

Modified on Tue, 7 Oct at 8:06 AM



Step 1: Register a new App under App Registrations

Note: Don't use Enterprise applications as that won't work.



Step 2: Use the provided Redirect URI 




Step 3: Activate ID Tokens for the new App



Step 4: Add optional claims for the App


⚠️ Important: When asked whether you want to add API Permissions automatically, click Yes. Otherwise you need to add them manually, as shown in the next image.



Step 5: Grant admin consent for app (optional)
Note: This is to circumvent the need for each user to give consent the first time they log in.


Step 6: Send details to Position Green


  • Application (client) ID
  • Client Secret value
  • OpenID Connect metadata document 


The Application (client) ID and the OpenID Connect metadata document are available under Overview -> Endpoints.

e.g.: https://login.microsoftonline.com/YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY/v2.0/.well-known/openid-configuration
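
Before sending the details, you can sanity-check that the metadata URL and the JSON document it returns belong together. The following is an added example, not code from Position Green or Microsoft: the function name check_metadata, the sample tenant GUID and the sample document are constructed, and it assumes the tenant-specific v2.0 URL format shown above is the one expected.

```python
import re
from urllib.parse import urlparse

GUID = r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}"
PATH_RE = re.compile(rf"^/({GUID})/v2\.0/\.well-known/openid-configuration$")


def check_metadata(url: str, doc: dict) -> list[str]:
    """Return a list of problems; an empty list means URL and document agree."""
    problems = []
    parts = urlparse(url)
    if parts.scheme != "https" or parts.hostname != "login.microsoftonline.com":
        problems.append("URL is not on https://login.microsoftonline.com")
    match = PATH_RE.match(parts.path)
    if not match:
        # Typical slips: /common/ instead of the tenant GUID, or a non-v2.0 path.
        problems.append("path is not /<tenant GUID>/v2.0/.well-known/openid-configuration")
        return problems
    tenant = match.group(1).lower()
    expected_issuer = f"https://login.microsoftonline.com/{tenant}/v2.0"
    if str(doc.get("issuer", "")).lower() != expected_issuer:
        problems.append(f"issuer {doc.get('issuer')!r} does not match tenant in URL")
    # This describes what the tenant endpoint supports, not the app's Step 3 setting.
    if "id_token" not in doc.get("response_types_supported", []):
        problems.append("id_token missing from response_types_supported")
    jwks = urlparse(str(doc.get("jwks_uri", "")))
    if jwks.scheme != "https" or jwks.hostname != parts.hostname:
        problems.append("jwks_uri is not an https URL on the same host")
    return problems


# Constructed sample values (not a real tenant).
SAMPLE_TENANT = "11111111-2222-3333-4444-555555555555"
SAMPLE_URL = (
    f"https://login.microsoftonline.com/{SAMPLE_TENANT}"
    "/v2.0/.well-known/openid-configuration"
)
SAMPLE_DOC = {
    "issuer": f"https://login.microsoftonline.com/{SAMPLE_TENANT}/v2.0",
    "response_types_supported": ["code", "id_token", "code id_token", "id_token token"],
    "jwks_uri": f"https://login.microsoftonline.com/{SAMPLE_TENANT}/discovery/v2.0/keys",
}

if __name__ == "__main__":
    for problem in check_metadata(SAMPLE_URL, SAMPLE_DOC) or ["OK"]:
        print(problem)
```

To check your own tenant, download the metadata document, parse it with json.load and pass it in together with the URL you copied.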




Instructions for Copying the Client Secret Value


  1. In the left menu choose Certificates & secrets.
  2. Under Client secrets click + New client secret, add a description and expiry, then Add.
  3. Copy the value directly 
    1. ⚠️ This value is only displayed once during creation.
    2. Store it somewhere safe.
    3. Do not refresh the page before copying - if the page is refreshed before the value is copied, it will no longer be visible and cannot be retrieved later.
  4. If the value is lost:
    1. If the client secret is not used anywhere else, delete the existing one.
    2. Create a new client secret to replace it.


