> ## Documentation Index
> Fetch the complete documentation index at: https://docs.maia.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Microsoft Entra and OpenID Connect

<Note>This document covers step two of the [Single sign-on (SSO) setup](/docs/administration/single-sign-on) process, and shouldn't be completed independently.</Note>

1. Log in to the [Microsoft Azure](https://portal.azure.com/#home) portal, and click **Microsoft Entra ID**.

   <img src="https://mintcdn.com/matillion/0bH-WuwTaSy4zifJ/images/hub/entra-and-open-id-connect/entra-and-open-id-connect-01.png?fit=max&auto=format&n=0bH-WuwTaSy4zifJ&q=85&s=1b429e0cabd14e9bec78b083c1280b68" alt="Microsoft Entra ID" width="1056" height="714" data-path="images/hub/entra-and-open-id-connect/entra-and-open-id-connect-01.png" />

2. At the top of the **Overview** page, click the **Add** menu, and select **App registration**.

   <img src="https://mintcdn.com/matillion/0bH-WuwTaSy4zifJ/images/hub/entra-and-open-id-connect/entra-and-open-id-connect-02.png?fit=max&auto=format&n=0bH-WuwTaSy4zifJ&q=85&s=3b011380befea1cc333a020baa305d7e" alt="App registration" width="1430" height="778" data-path="images/hub/entra-and-open-id-connect/entra-and-open-id-connect-02.png" />

3. Enter a **Name** for the application, such as `{maia}`.

   <img src="https://mintcdn.com/matillion/0bH-WuwTaSy4zifJ/images/hub/entra-and-open-id-connect/entra-and-open-id-connect-03.png?fit=max&auto=format&n=0bH-WuwTaSy4zifJ&q=85&s=1dc97904461b1b520967c0ea855ba386" alt="Enter application name" width="1430" height="874" data-path="images/hub/entra-and-open-id-connect/entra-and-open-id-connect-03.png" />

4. Select **Web** from the drop-down in the **Redirect URI (optional)** section, enter **[https://id.matillion.com/login/callback](https://id.matillion.com/login/callback)** as the value, and click **Register**.

   <img src="https://mintcdn.com/matillion/0bH-WuwTaSy4zifJ/images/hub/entra-and-open-id-connect/entra-and-open-id-connect-04.png?fit=max&auto=format&n=0bH-WuwTaSy4zifJ&q=85&s=8387bddd900eb532c250fcc4c4cee663" alt="Redirect URI" width="1430" height="882" data-path="images/hub/entra-and-open-id-connect/entra-and-open-id-connect-04.png" />

5. Click the **Add a certificate or secret** link.

   <img src="https://mintcdn.com/matillion/0bH-WuwTaSy4zifJ/images/hub/entra-and-open-id-connect/entra-and-open-id-connect-05.png?fit=max&auto=format&n=0bH-WuwTaSy4zifJ&q=85&s=02857214640c535f246f613a20bf1e22" alt="Add certificate or secret" width="866" height="750" data-path="images/hub/entra-and-open-id-connect/entra-and-open-id-connect-05.png" />

6. Select **Certificates & secrets** from the expanded **Manage** menu, then click **New client secret**.

   <img src="https://mintcdn.com/matillion/0bH-WuwTaSy4zifJ/images/hub/entra-and-open-id-connect/entra-and-open-id-connect-06.png?fit=max&auto=format&n=0bH-WuwTaSy4zifJ&q=85&s=bc78c1bf94cf7812127fb8a94f2a34fc" alt="New client secret" width="1394" height="642" data-path="images/hub/entra-and-open-id-connect/entra-and-open-id-connect-06.png" />

7. Enter a description, such as `{maia}`, set an expiry date, and click **Add**.

   <img src="https://mintcdn.com/matillion/0bH-WuwTaSy4zifJ/images/hub/entra-and-open-id-connect/entra-and-open-id-connect-07.png?fit=max&auto=format&n=0bH-WuwTaSy4zifJ&q=85&s=31bdc3cd5668ae9e6115bd50f6cef3db" alt="Add client secret" width="1310" height="622" data-path="images/hub/entra-and-open-id-connect/entra-and-open-id-connect-07.png" />

   <Note>Contact us to arrange for the secret to be rotated before the existing one expires to avoid minimal interruption to your users.</Note>

8. Copy the value of the **Secret**, and make a note of it somewhere you can refer to later.

   <img src="https://mintcdn.com/matillion/0bH-WuwTaSy4zifJ/images/hub/entra-and-open-id-connect/entra-and-open-id-connect-08.png?fit=max&auto=format&n=0bH-WuwTaSy4zifJ&q=85&s=f0c327a4d09b640526938b2cc1341c92" alt="Copy secret" width="1430" height="502" data-path="images/hub/entra-and-open-id-connect/entra-and-open-id-connect-08.png" />

9. Select **Overview** on the left, then copy the value of the **Application (client) ID**, and make a note of it for later.

   <img src="https://mintcdn.com/matillion/0bH-WuwTaSy4zifJ/images/hub/entra-and-open-id-connect/entra-and-open-id-connect-09.png?fit=max&auto=format&n=0bH-WuwTaSy4zifJ&q=85&s=7b952c522b3c3b694fe1fd9f2bfece6b" alt="Copy client ID" width="1430" height="668" data-path="images/hub/entra-and-open-id-connect/entra-and-open-id-connect-09.png" />

10. Click **Endpoints** at the top.

    <img src="https://mintcdn.com/matillion/0bH-WuwTaSy4zifJ/images/hub/entra-and-open-id-connect/entra-and-open-id-connect-10.png?fit=max&auto=format&n=0bH-WuwTaSy4zifJ&q=85&s=1dba9f9baf9b8c78d92b33f7dff86ded" alt="Endpoints" width="1430" height="684" data-path="images/hub/entra-and-open-id-connect/entra-and-open-id-connect-10.png" />

11. Scroll to the bottom of the page, and click the button to copy the **OpenID Connect metadata document**, and make a note of it for later.

    <img src="https://mintcdn.com/matillion/0bH-WuwTaSy4zifJ/images/hub/entra-and-open-id-connect/entra-and-open-id-connect-11.png?fit=max&auto=format&n=0bH-WuwTaSy4zifJ&q=85&s=b96194ba86c1a2d40f80e3109100f55f" alt="OpenID Connect metadata document" width="1430" height="882" data-path="images/hub/entra-and-open-id-connect/entra-and-open-id-connect-11.png" />

12. Continue the steps on the main document in [Single sign-on (SSO) setup](/docs/administration/single-sign-on).
